Monitor Gateway Management Activity - Administrator Guide - Cortex XSIAM - Cortex - Security Operations

Cortex XSIAM Administrator Guide

Product
Cortex XSIAM
Creation date
2024-02-26
Last date published
2024-04-16
Category
Administrator Guide
Abstract

Learn how to monitor Cortex Gateway permission management activities.

The Gateway allows you to manage the user roles and permissions across your Cortex XSIAM CSP accounts. To track your permission management activity, in the Cortex Gateway Cortex Gateway, navigate to <User Name> and select Management Auditing.

Note

You must have Account Admin role permissions to access the Management Auditing page.

The Management Audit Logs fields describe the following information:

Field

Description

Description

Log message describing the action taken and on which tenant. To filter according to a tenant, use the contains operator.

Email

Email of the user who performed the action.

Result

The result of the action: Success, Fail, or N/A

Severity

Severity associated with the log:

  • Critical

  • High

  • Medium

  • Low

  • Informational

Subtype

Additional classification of permissions log.

Timestamp

Date and time when the action occurred are displayed in UTC.

Type

Type of action, Permissions or Roles.

User Name

Name of the user who performed the action.