Description

This guide will go over the Audit tab in the ConcealBrowse dashboard and explain what it holds and what options are available to you.

Procedure

Before you begin:
For the plugins section (Step 5), you have to configure a plugin in order to receive events. We cache 24 hours of data of that configured plugin. If you have multiple tenants, you will need to do the configuration for each tenant. The audit plugins are separate from the other plugins.

1. In your web browser navigate to https://dashboard.conceal.io/ and login if necessary.
2. From the left-hand menu choose the Audit section
   
3. First you will see auditing rules on the Policy tab. Here is where you can customize what your audit logs will hold regarding polices, device changes, extension management setting, and user changes. Click Apply to save your changes.
4. On the Timeline tab you will see the last 24 hours of your audit logs, giving you insight on the date, time, type of event, and user who triggered the event.
   
5. On the Plugins tab is where you can configure the supported plugins for all audit logs to go to your SIEM/reporting instance. For more detailed information on each integration, please refer to our Post Process section of our support center.
   
6. Once a policy is configured (Refer to Step 2) and a plugin is configured (Step 5), Conceal will track 24 hours of history for all the configured tenant in the 24 hour timeline. All permanent history goes to your SIEM/logging system via the configured plugin.

*Never hesitate to contact your Customer Success Manager for any questions or concerns. You may also open a support ticket at support.conceal.io by scrolling to the bottom and clicking Submit a request.