Viewing and managing agent logs in the administration console

All logs that have been configured to appear in the console can be seen in the Agent logs menu. In this menu, you will be able to analyze, filter and manage logs, add exceptions so that certain logs will no longer be generated, and run Yara scans from logs. You can also Analyzing incidents to understand attacks.

If an agent is offline and its logs were not sent to the agent handler, you can export its logs so that you can import and view them later in the Agent logs panel.

The Agent logs - Modify privilege is required to manage logs and create exceptions.