Viewing and managing agent logs in the administration console

All logs that have been configured to appear in the console can be seen in the Environment > Agent logs menu. In this menu, you will be able to analyze, filter and manage logs, add exceptions so that certain logs will no longer be generated, and run Yara or IoC scans from logs. You can also Analyzing contexts to understand attacks and Managing remediation tasks from logs.

If an agent is offline and its logs were not sent to the agent handler, you can export its logs so that you can import and view them later in the Agent logs panel.

The Agent logs - Modify privilege is required to manage logs and create exceptions.