Viewing and managing agent logs in the administration console

All the logs you have configured to be displayed on the console are visible in the Environment > Agent logs menu. In this menu, you will be able to analyze, filter and manage logs, add exceptions so that certain logs will no longer be generated, and run Yara or IoC scans from logs. You can also Analyzing contexts to understand attacks and Managing remediation tasks from logs.

The date and time of the agent logs displayed on the console are based on the time zone set on the machine hosting the console.


If an agent is offline and its logs were not sent to the agent handler, you can export its logs so that you can import and view them later in the Agent logs panel.

The Agent logs - Modify privilege is required to manage logs and create exceptions.