Starting March 31, users can access a complete audit log of all writing activities within the system. This includes policy adjustments, system setting changes, and threat responses. A complete list of audited actions included in the initial release is provided below.
Feature Availability
Cloud Clients
Available on cloud.cyfox.com starting March 31
On-Premises Clients
Available with CYFOX version 2.03.35
Audited Actions in the Initial Release
Category | Actions |
Event Response | Creating, modifying, or deleting event response rules. |
Host Groups | Adding, modifying, or deleting host groups. |
Mitigations | Logging actions related to releasing files from quarantine. |
Network Scanning | Updates to network configuration settings. |
Port Profiles (Soon) | Creating, modifying, or deleting port profile rules. |
IDS Configuration (Soon) | Updating profile switches, rules, or proxy settings. |
Notifications (Soon) | Adjusting rules, including SMTP settings and mailing group modifications. |
FIM Subscription (Soon) | Adding, modifying, or deleting File Integrity Monitoring (FIM) rules. |
Domain Controller Rules (Soon) | Adding, modifying, or deleting domain controller (DC) rules. |
Event Subscription (Soon) | Modifying any rule for any host. |
Authorized Software (Soon) | Adding, modifying, or deleting software profiles. |
Feature Usage
The audit log is available in two formats:
Full System Audit Log
Users can access the complete audit log by navigating to System Settings β Audit Log. This section provides a comprehensive list of all system-wide audit actions.Category-Specific Audit Log
Each category includes a dedicated Audit Log link next to its title. Clicking this link opens the audit log filtered for that specific category.
Example: Viewing Audit Logs in the Event Response Section
For the purpose of this explanation, the following examples use the Event Response section. To view:
Open the Event Response section.
Click Audit Log next to the section title (Server Policy or Agent Policy).
The audit log for Event Response appears, showing all logged actions sorted by date.
Users can export logs to an Excel file by clicking the Export button next to the Audit Log section.
If exporting from the full audit log, all system-wide logs will be included.
If exporting from a specific category, only logs for that category will be exported.
Important Note!
Audit logs are not recorded retroactively. Any configuration changes made before the feature launch on March 31 will not appear in the audit log. Only actions recorded after the launch will be included.