Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 22 Next »

The Log Management screen only contains information about virtual machines that have been fully provisioned with the Armor Agent and the log management service enabled.  

The Armor user interface only retains log status and details for the last 90 days.  

 

View log status and details

Instead of logging into your virtual machine, you can use the Log Management screen to review information about your Armor Agent, such as log status and event types. You can use this screen to identify a problematic Armor Agent and act accordingly.

  1. In the Armor user interface, in the left-side navigation, click Security
  2. Click Log Management
  3. (Optional) Use the filter function to customize the data displayed. 
  4. Click the corresponding gear icon, and then select Details
  5. (Optional) Use the filter function to customize the data displayed. 
    • You can search by Event Type and Size
    • You can also enter specific search parameters, and then click the magnifying glass icon to filter.  

Export logs

You can export logs to analyze the logs offline. You can also provide this information to your auditor. 

  1. In the Armor user interface, in the left-side navigation, click Security
  2. Click Log Management
  3. (Optional) Use the filter function to customize the data displayed. 
  4. Under the table, click CSV.
  5. You have the option to export all data (All) or only the data that appears on the current screen (Current Set). 
Data TypeData Detail
Vm NameThis data shows the name of the Armor Agent.
Last Log DateThis data shows the last date that Armor received logs. A blank entry indicates that the action has never taken place.
Vm ProviderThis data shows if you are an Anywhere or Complete user. If Armor cannot determine your specific envrionment, such as AWS or Azure, then by default, this entry says Anywhere.
Vm Location

This data shows the virtual data center that hosts your data. Armor has data centers in:

  • Dallas, Texas
  • Phoenix, Arizona
  • London
  • Amsterdam
  • Singapore
RetentionThis data shows how long logs are stored in the Armor user interface.
Average SizeThis data shows the average log size.
Agent Status

This data shows the status of your Armor Agent.

Online - This status means the Armor Agent is active and has sent logs within the last hour.

Warning - This status means the previous 24-hour log volume has exceeded the 7-day moving average by 10% or more.

Critical - This status means the Armor Agent has not sent logs within the last hour.

Offline - This status means that the Armor Agent, and possibly the virtual machine, is offline.

 

 


 

Upgrade log storage

  1. In the Armor user interface, in the left-side navigation, click Security
  2. Click Log Management
  3. (Optional) Use the filter function to customize the data displayed. 
  4. Click the corresponding gear icon, and then select Upgrade Log Storage

 

 



In this topic



Have a suggestion for the Armor Knowledge Base? Send a message to kb@armor.com.