.png?width=180&height=32&name=NW%20Logo%20(2).png){kind=small}
Add New Configuration DialogAdd New Configuration Dialog
In the NetWitness Platform XDR, Administration System view Global Audit Logging Configurations panel, you can create multiple global audit logging configurations. These configurations are used to forward global audit logs to a central location to perform user audits.
Procedures related to global audit logging are described in Configure Global Audit Logging.
To access the Add New Configuration dialog:
- Go to select
(Admin) > System. - In the options panel, select Global Auditing.
-
In the Global Audit Logging Configurations panel, click
.The Add New Configuration dialog is displayed.
The Notifications section enables you to select a syslog notification server for the global audit logging configuration and a template to use for the global audit logs. The template defines the details of the global audit log entries.
FeaturesFeatures
The following table describes the features in the Add New Configuration and Edit Configuration dialogs.
User Actions LoggedUser Actions Logged
The following table provides examples of some of the user actions logged from NetWitness. These actions are the minimum user actions logged when applicable.
The following table shows examples of internal audit logs logged from NetWitness
The following table shows examples of Global Audit Logs using the default Common Event Format (CEF) template. After you create a Global Audit Logging configuration, audit logs automatically go to the external syslog system in the format specified in the selected Audit Logging template.
The following table shows examples of global audit logs using the default human-readable format template on a third-party syslog server.