Administration Reports: Difference between revisions

From Edge Threat Management Wiki - Arista
Jump to navigationJump to search
No edit summary
 
No edit summary
Line 2: Line 2:
<span style="display:none" class="helpSource administration_reports">Administration_Reports</span>
<span style="display:none" class="helpSource administration_reports">Administration_Reports</span>


The Reports tab provides a view of all administration events.
=== Reports ===


All Administration reports can be accessed using the ''Select Reports'' window. All pre-defined reports will be listed along with any custom reports that have been created.
Reports can be searched and further defined using the time selectors and the ''Conditions'' window at the bottom of the page. The data used in the report can be obtained on the ''Current Data'' window on the right.
Pre-defined report queries:
{{#section:All_Reports|'Administration'}}
{{#section:All_Reports|'Administration'}}


=== Columns/Conditions ===
=== Columns/Conditions ===

Revision as of 17:50, 26 December 2016

Reports

All Administration reports can be accessed using the Select Reports window. All pre-defined reports will be listed along with any custom reports that have been created.

Reports can be searched and further defined using the time selectors and the Conditions window at the bottom of the page. The data used in the report can be obtained on the Current Data window on the right.


Pre-defined report queries: {{#section:All_Reports|'Administration'}}


Columns/Conditions

Conditions can be used to filter the traffic information shown in events. Each condition has a corresponding column that can be viewed in the events viewer. Multiple conditions can be added to drill down and inspect admin event data. For a list of conditions, refer to the admin_logins and settings_changes tables in Global DB Schema.


All Settings Changes

All Settings Changes is a report that provides a detailed view of any settings changes performed by an administrator on when upgrades are applied. This is available on all systems in the Config > Administration > Reports tab.

The Reports tab shows the timestamp when the change was made, username and hostname that made the change, and the settings files that were changed as a result.

By clicking the Differences button, you can see the exact changes that were made to the files. This uses a color coded ‘diff’ like feature to show the differences.

Red = Line was removed

Green = Line was added

Yellow = Line was changed

Port Forward Rule Example

The following shows an example of adding a port forward for DNS to the system.

Settings Change
Settings Change

First, you can see that the rule was added on 8/3/15 by the user admin from IP 10.24.24.40. The settings file that changed was network.js with the appropriate version-YYYY-MM-DD-time.js file name.

By clicking the Differences button, you can see all changes. For this instance, only the DNS rule was added and the changes are recorded as shown below.

Settings Change
Settings Change

Related Topics

Reports & Events

Manage Reports