Viewing Device Control Logs | Trend Micro Service Central

Views:

Note

Only attempts to access Storage Devices generate log data. Security Agents block or allow access to Non-storage Devices as configured but do not log the action.

Procedure

Go to Logs → Agents → Security Risks or Agents → Agent Management.
In the agent tree, click the root domain icon () to include all agents or select specific domains or agents.
Click Logs → Device Control Logs or View Logs → Device Control Logs.
Specify the log criteria and then click Display Logs.
View logs. Logs contain the following information:
- Date/Time unauthorized access was detected
- Endpoint where external device is connected or where network resource is mapped
- Endpoint domain where external device is connected or where network resource is mapped
- Device type or network resource accessed
- Target, which is the item on the device or network resource that was accessed
- Accessed by, which specifies where access was initiated
- Permissions set for the target
To save logs to a comma-separated value (CSV) file, click Export to CSV. Open the file or save it to a specific location.