Log Management

Apex One keeps comprehensive logs about security risk detections, events, and updates. Use these logs to assess your organization's protection policies and to identify Security Agents at a higher risk of infection or attack. Also use these logs to check agent-server connection and verify that component updates were successful.

Apex One also uses a central time verification mechanism to ensure time consistency between Apex One server and agents. This prevents log inconsistencies caused by time zones, Daylight Saving Time, and time differences, which can cause confusion during log analysis.

The Apex One server receives the following logs from Security Agents:

• Viewing Virus/Malware Logs

• Viewing Spyware/Grayware Logs

• Viewing Spyware/Grayware Restore Logs

• Viewing Firewall Logs

• Viewing Web Reputation Logs

• Viewing Suspicious Connection Logs

• Viewing Suspicious File Logs

• Viewing C&C Callback Logs

• Viewing Behavior Monitoring Logs

• Viewing Predictive Machine Learning Logs

• Viewing Device Control Logs

• Viewing Scan Operation Logs

• Viewing Data Loss Prevention Logs

• Viewing Security Agent Update Logs

• Viewing Connection Verification Logs

The Apex One server generates the following logs:

• Apex One Server Update Logs

• System Event Logs

The following logs are also available on the Apex One server and Security Agents:

• Windows Event Logs

• Apex One Server Logs

• Security Agent Logs