Description

This guide will go over the Audit tab in the ConcealBrowse dashboard and explain what it holds and what options are available to you.

Procedure

Before you begin:
For the integrations section (Step 5), you have to configure an integration in order to store more than 24 hour of events. We cache 24 hours of data in the dashboard without an integration. If you have multiple tenants, you will need to do the configuration for each tenant. The audit integrations are separate from the other integrations in the Integrations sections.

1. In your web browser navigate to https://dashboard.conceal.io/ and login if necessary.
2. From the left-hand menu choose the Audit section. 
3. You will need to go to the Policy tab to select what your audit logs will hold regarding polices, device changes, extension management setting, and user changes. Click Apply to save your changes.
4. On the Timeline tab you will see the last 24 hours of your audit logs, giving you insight on the date, time, type of event, and user who triggered the event. Click the dropdown for more details on the event.
5. On the Integrations tab is where you can configure the supported integrations for all audit logs to go to your SIEM/reporting instance. For more detailed information on each integration, please refer to our Integrations section of our support center.
6. Once a policy is configured (Step 2) and an integration is configured (Step 5), Conceal will track 24 hours of history for all the configured tenant in the 24 hour timeline. All permanent history goes to your SIEM/logging system via the configured integrations.

NOTE: Only fields changed will show up in the diff. Some events will show an empty diff or empty fields, use "resource_id" field (if present) to track the specific resource.

Policy changes can be viewed for a specific policy in the Policy dashboard

*Never hesitate to contact your Customer Success Manager for any questions or concerns. You may also open a support ticket at support.conceal.io by scrolling to the bottom and clicking Submit a request.