Monitor Gateway Management Activity - Administrator Guide - Cortex XDR - Cortex - Security Operations

Cortex XDR Prevent Administrator Guide

Product
Cortex XDR
License
Prevent
Creation date
2023-10-31
Last date published
2024-02-14
Category
Administrator Guide
Abstract

Learn how to monitor Cortex Gateway permission management activities.

The Gateway allows you to manage the user roles and permissions across your Cortex XDR CSP accounts. To track your permission management activity, in the Cortex Gateway , navigate to <User Name> and select Management Auditing.

Note

You must have Account Admin role permissions to access the Management Auditing page.

The Management Audit Logs fields describe the following information:

Field

Description

Description

Log message describing the action taken and on which tenant. To filter according to a tenant, use the contains operator.

Email

Email of the user who performed the action.

Result

The result of the action: Success, Fail, or N/A

Severity

Severity associated with the log:

  • Critical

  • High

  • Medium

  • Low

  • Informational

Subtype

Additional classification of permissions log.

Timestamp

Date and time when the action occurred are displayed in UTC.

Type

Type of action, Permissions or Roles.

Note

For Cortex XDR 3.0, only Permissions type actions are displayed.

User Name

Name of the user who performed the action.