Management audit log messages - View the types of Cortex Cloud management audit log messages that are sent. - Administrator Guide

Management audit log messages - View the types of Cortex Cloud management audit log messages that are sent. - Administrator Guide - Cortex CLOUD

Cortex Cloud Runtime Security Documentation

Product

Cortex Cloud Application Security > Cortex CLOUD

License

Cloud Runtime Security

Creation date

2024-12-24

Last date published

2026-06-04

Category

Administrator Guide

Abstract

View the types of Cortex Cloud management audit log messages that are sent.

Cortex Cloud management audit log messages are sent based on the various log types, for example, Action Center, Issue Rules, or Authentication.

Action Center
Agent Configuration
Agent Exception Rules
Issue Exclusion
Issue Management
Issue Notifications
Issue Rules
Issue Exclusions
Allowed Domains
API Key
Apps
Asset Inventory
Asset Roles
Asset Tag Rules
Asset Uploads
Authentication
Automation Rules
Automation Settings
Broker API
Broker VMs
Business Unit Change
SaaS Collection
Custom Fields
Dashboards
Datasets
Dataset Views
Data Retention
Device Control Custom Device
Device Control Permanent Exceptions
Extensions Policy Rules
Device Control Profile
Device Control Temporary Exceptions
Agent Installation
EDL Management
Effective IP Ranges
Endpoint Groups
Endpoint Administration
Event Forwarding
Device Control Violations
Device Permanent Exceptions
Device Temp Exceptions
Disk Encryption Visibility
Featured Alert Fields
Forensics
Global Exceptions
Host Insights
Disk Encryption Profile
Host Firewall
Host Firewall Profile
Case Domains
Case Layout Rules
Case Management
Case Properties
Case Timeline Event
Indicator rules
Ingest Data
Integrations
Layout Rules
Licensing
Live Terminal
Lookups
Managed Detection & Response
Managed Threat Hunting
MSSP
Permissions
Playbook Triggers
Policy & Profiles
Prevention Policy Rules
Prisma Integration
Extensions Profile
Public API
Query Center
Query Library
Remediation
Remediation Path Rules
Reporting
Response
Rules
Rules Exceptions
Scoring Rules
XDR Collector Configuration
XDR Collectors Groups
XDR Collectors Policy
XDR Collectors Profile
Script Execution
Security Settings
Server Settings
Starred Incidents
Support
System
Tenant Takeover
Vulnerability Assessment
Vulnerability Tests
XCloud Integration
XDM Config
XQL Parsing Rules
Public API
Cortex Automation
- Sub Type—Command - War Room
  - Status—Success
  - Severity—Informational
  - Details— IncidentID:({ID}), IncidentType:({type}), IncidentName:({name}), Command:({command}), Arguments:({arg1})="arg1val" ({arg2})="arg2val" ({argn})="argnval", ID: ({num})
- Sub Type—Command - Playground
  - Status—Success
  - Severity—Informational
XSOAR Migration