Introduction
Authentic8 Silo collects certain log data to provide administrators with visibility into their users’ activities. Logged data includes users’ navigation history, administrator actions, authentication events, session parameters, and web form post data (if logs are encrypted). Customer-specific log data is stored for 90 days, after which it is deleted from Authentic8 databases. In addition to programmatic API access to this data, log data can be extracted from the Admin Console of the Silo application.
Steps
From the Admin Console, click the Manage button.
The Log window opens.
1. Select a Start date (required); the End date is optional.
2. Click the drop-down menu and select a format.
3. Select ‘Download customer encrypted Logs’ or ‘Download clear text logs’. If you select ‘Download customer encrypted Logs’, go to Step 5.
4. If you select ‘Download clear text logs’, select a log type (required).
5. Click the Download button.
Log Type*
Log Type | Description |
Admin Audit | This log records all administrators’ change activities within the Silo Admin Console: who made the change (username), when the change was made (timestamp), and what was changed (including before and after values). |
Auth | Authentication logs contain entries of users’ authentication attempts, such as PIN Authentication (method for users created prior since early 2013); SAML Auth |
Blocked URL | Blocked URL data tracks access attempts to sites/domains blocked by Category or Domain Filtering policies. |
Cookies | Cookie data is part of a normal URL request, but the data is considered sensitive. URLs are always logged, but the sensitive data is only logged when the Encrypted Logs policy is Enabled and, therefore, is only present in decrypted logs. |
Download | Download logs contain info of user file download activities and file info. |
Exploits | Generates a log when an exploit is discovered while downloading a file to the local computer. The delivered values will change depending on whether the user decides to download the malware. |
Post Data | Post data (form posts only) is sensitive, so it is only logged when Encrypted Logs is Enabled. It may or may not map to a URL entry. The post method specifies a destination, but the response page is usually different than the target of the post. Not all form posts result in a traditional post, and Silo does not gather all XHR posts because this would result in a large amount of useless data. |
Harvester | Logs are written for task creation, completion, and deletion. Collector still logs as type HARVEST; it parallels the logging of extapi. |
Isolate Bypass | Isolation Bypass logs contain user web site navigation details where this policy has been configured to render websites outside of Silo. |
Location Change | Location change data tracks the changes to the address in the location bar (URL bar). Sites accessed via Google search queries are tracked as well. |
Print | PRINT logs contain information about printing activities. |
Secure Storage (A8SS) | A8SS logs contain information about activities and files in Secure Cloud Storage. |
Session | Session logs contain detailed information of user sessions for all product types (Silo and Toolbox). |
SMS | SMS Logs contain details of SMS transactions with the platform. |
Translation | Translation logs track information about page/content translated within Silo and Toolbox sessions. |
Upload | Upload logs contain info of user file upload activities and file information. |
URL | URL logs contain user web site navigation details. |
*For additional information, please refer to Silo Logs Reference Guide.
Additional Notes
Please contact Support if you have any additional questions and/or require further information.