Go to Logs.

From the Current organization drop-down list, select an organization to view the log data of the organization or All organizations to view the aggregated data of all the organizations.

Note: To view aggregated log data of specific organizations, select All organizations and then specify the organizations from the facet area.

Specify search criteria in either of the following ways.

Select facets from the left-side area.

Log facets vary with each log type you select.

Note:
A maximum of 10 items can be displayed under most facets, and a maximum of 50 items can be displayed under Virus Name.
Specify facets in the Search bar. This allows you to select one or several facets and specify keywords to query items on a more fine-grained level.

Search criteria are described as follows:
- Facets vary with each log type you select.
- The NOT logic is not supported.
- Keywords are case insensitive.
- Wildcards are not supported.
- One facet can be selected for more than one time and specified with different keywords as necessary. The logs that meet either keyword will be queried and displayed. When different facets are selected and specified, only the logs that meet all the facets will be queried and displayed.
- Partial matching is supported for non-time related facets. You can select a facet and type the first few letters of a keyword to query.
- Only exact matching is supported for time-related facets. You need to type the time exactly in the MM DD, YYYY HH:MM format you see in the corresponding column.
  
  This includes Timestamp, Message Arrival Time, and File Modification Time.
  - Timestamp: Date and time when Cloud App Security took an action on an email message or file
  - Message Arrival Time: Date and time when an email message was received
  - File Modification Time: Date and time when a file was uploaded or last modified
- The All Fields facet supports querying Timestamp and all the other facets.

Select a date range from the Select Date Range drop-down menu.

Click Search.

Searching Logs