Log Inquiry
DeepFinder records various activities occurring in the system to support administrators in monitoring and analyzing them. Administrators can track system change history through audit logs and identify abnormal web requests and attack attempts by analyzing security logs. This log data is utilized as essential baseline material for responding to security threats and establishing appropriate security policies.
DeepFinder generates and manages four types of logs based on their purpose: SYSTEM LOG, EVENT LOG, AUDIT LOG, and SECURITY LOG.
| Item | Description |
|---|---|
| SYSTEM LOG | Records the overall operational status of the system, including the connection status and communication history between managed hosts, the Server, and Agents. |
| EVENT LOG | Records major events requiring administrator attention, such as system status changes, resource threshold exceedances (CPU/Memory/Disk), and failures. |
| AUDIT LOG | Records all management activities performed by administrators accessing the Manager Console, such as logins, policy settings, and changes. It ensures transparency of administrator actions and serves as audit trail data to identify unauthorized access attempts or misuse. |
| SECURITY LOG | Records detailed particulars of web attacks and abnormal behaviors detected or blocked by Agents according to security policies. It is used as a basis for identifying threats and refining security policies by analyzing attack types, source IPs, target URLs, etc. |