Safous ZTA Logs

Safous ZTA has three types of logs: Activity logs, Audit logs, and System logs. All three are accessible via the Admin Portal under Analytics > ZTNA. The Safous ZTA platform allows the administrator to download each log type in CSV or JSON. Each log type is described below.

Activity Log

The Activity log records all actions performed by users in relation to applications. The Activity logs are displayed in a table. On the right side of the Username, Application, and Status columns, there is a Boolean search option for filtering the data displayed in those columns. On the top right side of the table, there is a calendar to select the time period for which data is presented.

The Activity log table presents data with the following columns:

  • Date and Time: Date and time that the event occurred, in local time.

  • App Gateway: The ID number of the App Gateway in which the event occurred.

  • User name: The name of the user who performed the activity.

  • Authority: Which policy is implicated in the user’s activity, e.g., “login_policy,” “users_policy,” “console_policy,” “supervisor_policy,” or “general”.

  • Application: Displays the application connected to the activity.

  • Status: What occurred as a result of the action, e.g., user logged in, user was allowed access to application, user denied access, or user logged in to <server_ip> using rdp (for an RDP application).

  • Country: Defined based on the public IP location of relevant users.

  • IP Address: The IP address used for the logged activity.
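The following is an added example, not part of the Safous documentation, showing one way to review a downloaded Activity log CSV for repeated access denials and for users seen from more than one country. The header names are assumed to match the column names listed above, and the sample rows, gateway IDs, timestamp format, and the review_activity function are constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# Constructed sample export. Header names are ASSUMED to match the documented
# column names; adjust them to the header row of the real CSV download.
SAMPLE_CSV = """Date and Time,App Gateway,User name,Authority,Application,Status,Country,IP Address
2024-05-01 09:00:01,gw-01,alice,login_policy,,user logged in,JP,203.0.113.10
2024-05-01 09:00:05,gw-01,alice,users_policy,wiki,user was allowed access to application,JP,203.0.113.10
2024-05-01 09:02:11,gw-01,bob,users_policy,hr-db,user denied access,JP,198.51.100.7
2024-05-01 09:02:40,gw-01,bob,users_policy,hr-db,user denied access,JP,198.51.100.7
2024-05-01 09:03:02,gw-01,bob,users_policy,finance,user denied access,JP,198.51.100.7
2024-05-01 09:30:00,gw-02,alice,login_policy,,user logged in,BR,192.0.2.44
"""


def review_activity(csv_text, deny_threshold=3):
    """Return (users with >= deny_threshold denials, users seen in >1 country)."""
    denials = defaultdict(list)   # user -> [(time, application, ip), ...]
    countries = defaultdict(set)  # user -> {country, ...}
    for row in csv.DictReader(io.StringIO(csv_text)):
        user = row["User name"].strip()
        country = row["Country"].strip()
        if country:
            countries[user].add(country)
        # The documented Status text for a blocked request is "user denied access".
        if "denied" in row["Status"].lower():
            denials[user].append(
                (row["Date and Time"], row["Application"], row["IP Address"])
            )
    many_denials = {u: d for u, d in denials.items() if len(d) >= deny_threshold}
    multi_country = {u: sorted(c) for u, c in countries.items() if len(c) > 1}
    return many_denials, multi_country


if __name__ == "__main__":
    denied, travelled = review_activity(SAMPLE_CSV)
    for user, events in denied.items():
        print(f"{user}: {len(events)} denied requests")
        for when, app, ip in events:
            print(f"  {when}  app={app}  ip={ip}")
    for user, seen in travelled.items():
        print(f"{user}: activity from multiple countries: {', '.join(seen)}")
```
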

Audit Log

The Audit log records the results of actions performed by the Administrator in Safous ZTA and is displayed in a table. On the top right side of the table, there is a calendar to select the time period for which data is presented.

The Audit log table presents data with the following columns:

  • Date and Time: Date and time that the event took place, reflected in the Administrator’s local time.

  • Username: The username of the Administrator who performed the action.

  • Action: Includes three options: create, update, or delete for any particular activity.

  • Object Type: Includes users, simple_group, dynamic_group, mapping, mapping_category, policy, sites, console_roles, recording_roles, certificates, idap_saml, webhook, api_keys, and system_secrets. Mapping, API keys, policy, configuration, openID.

  • Object Name: For example, the name of the policy given by the Admin when the policy was created.

  • Result: Success or failure.

System Logs

System logs record when an event occurred, where it occurred (Authority), and details about the event. On the top left-hand side of the table, there is a Boolean search option for filtering the data displayed in the log columns. On the top right side of the table, there is a calendar to select the time period for which data is presented.

The System log table presents data with the following columns:

  • Date and Time: Date and time that the event occurred, in local time.

  • App Gateway: The ID number of the App Gateway in which the event occurred.

  • Authority: The entity that has permission to perform a particular action, e.g., “health check”, “system alert”, “system,” or “cloud provider”.

  • Application: Shows the application connected to the event.

  • Status: What occurred as a result of an event, e.g., an App Gateway was disconnected, system update, timeout, or failed to sample mappings.