Reviewing logs

Admin can review various logs generated for user activities.

  • API: Logs generated by cloud apps as seen on the Analyze > Logs > API dashboard page.
    • Cloud Summary: Displays the current status of the files in the applications.
    • Cloud Audit: Displays every scan result for each file in your corporate account.
  • Proxy: Logs generated by application activity as seen on the Analyze > Logs > Proxy dashboard page.
  • Admin: All admin events within the admin portal as seen on the Analyze > Logs > Admin dashboard page.
  • SWG Web: Logs generated from general web traffic from users using the SmartEdge agent, pulls logs from the Analyze > Logs > Web dashboard page.
  • SWG DLP: Logs generated from DLP specific policy actions under the Web Browsing Policy actions as seen on the Analyze > Logs > Web DLP dashboard page.
  • Health: The Health dashboard allows admins to identify if issues that users encounter are brought on by Forcepoint ONE SSE or the backend server (for example, Google, Exchange, Salesforce, etc). You can access the System and Proxy Health Logs by navigating to Analyze > Logs > Health.
  • ZTNA: The ZTNA Logs page is where all the ZTNA events by the end-users are displayed. You can access the ZTNA logs page by navigating to Analyze > Logs > ZTNA.