Clients log unauthorized device access instances and send the logs to the server. A client that runs continuously aggregates the logs and sends them after a 24-hour time period. A client that got restarted checks the last time the logs were sent to the server. If the elapsed time exceeds 24 hours, the client sends the logs immediately.
To keep the size of logs from occupying too much space on the hard disk, manually delete logs or configure a log deletion schedule. For more information about managing logs, see Managing Logs.
To view device control logs:
Logs > Networked Computer Logs > Security
Risks > View Logs > Device Control Logs
Networked Computers > Client Management > Logs > Device Control
Logs
Specify log criteria and click Display Logs.
View logs. Logs contain the following information:
Date/Time unauthorized access was detected
Computer where external device is connected or where network resource is mapped
Device type or network resource accessed
Target, which is the item on the device or network resource that was accessed
Accessed by, which specifies where access was initiated
Permissions set for the target
See also: