Viewing logs in the agents’ interface
- On the workstation, click on in the status bar.
The agent interface appears. - In the Help and support tab, click on Events.
The list of logs from this workstation appears. An administrator user can view all log severity levels, while only Alert and Emergency level logs that have resulted in a block are displayed for a non-administrator user.
The color on the left in a line of logs indicates its severity.
The various color labels indicate:- The severity of the log, (e.g., Alert, Notice, etc.),
- The type of log, (e.g., Internal, Self-protection, etc.),
- The implemented protection, (e.g., Registry, etc.),
- The action that SES Evolution applied (e.g., Block, etc.).
- By default, you see only the logs accessible to the user who opened the session. Click on Show all logs (administrator only) to also see logs accessible to administrators. For example, if several users connect to the same workstation, you can view logs for all sessions with this option.
- Filter the list of logs to show only those that are relevant to you:
- Click on one of the labels of a log to show only the list of logs that have this label. For example, click on Registry to display all logs relating to this registry base.
Active filters appear at the top of the window. Delete all filters to display all logs again. - In the Search field, enter one or several character strings and press Enter to show only logs that contain these strings.
- Click on one of the labels of a log to show only the list of logs that have this label. For example, click on Registry to display all logs relating to this registry base.
If you suspect an issue and need to display even more logs, change the log settings in the agent group logs or in the security rule.
SES Evolution keeps 500 MB of log history. When this capacity is reached, the oldest logs will be deleted, beginning with logs of the lowest priority.