Smart Access Gateway (SAG) supports the intelligent audit feature. This feature enables the system to automatically record operations performed in the SAG console. The records are stored as audit entries that you can subscribe to and can be periodically sent to specified email addresses. This topic describes how to work with intelligent audit.
Audit entries
- Log on to the SAG console.
- In the top navigation bar, select the region.
In the left-side navigation pane, choose Smart Access Gateway > Intelligent Audit.
On the Intelligent Audit page, you can filter audit entries by a specific query condition, view audit entries, and download audit entries.
Filter audit entries
On the Audit List tab, select a query condition and click the icon. Audit entries are filtered based on the specified query condition.
View audit entries
Find the audit entry that you want to view and click More in the Details column. Details about the audit entry are displayed in the Details panel.
Download audit entries
In the upper-right corner, click the icon to download all audit entries to an on-premises machine.
Create a subscription task
You can subscribe to audit entries, which are sent to specified email addresses.
You can create at most five subscription tasks.
After you create a subscription task, it is enabled by default.
You can also manually export audit entries to specified email addresses. For more information, see Manually export audit entries to specified email addresses.
- Log on to the SAG console.
- In the top navigation bar, select the region.
In the left-side navigation pane, choose Smart Access Gateway > Intelligent Audit.
On the Intelligent Audit page, click the Audit List tab and then click Subscribe.
In the Create Subscription dialog box, set the following parameters and click OK.
Parameter
Description
Email Address
Enter the email addresses to which audit entries are sent. You can specify multiple email addresses and separate them with commas (,).
Send At
Specify the time when you want the system to send audit entries. Audit entries are sent to the specified email addresses at the specified time.
Each email can contain at most 100,000 audit entries. If the number of audit entries exceeds 100,000, they are sent through multiple emails.
SAG Instance ID/Name
Select the SAG instances from which the audit entries are collected. By default, all SAG instances in the current region are selected.
Source
The source is the IP address of the client that performs this operation. The default value All is selected.
Object
The objects that are audited. You can select all objects. Valid values:
ImportantOnly the objects that are configured in the SAG console are displayed.
Access control
Cloud Connect Network (CCN) configurations
Flow logs
Network configurations
Quality of service (QoS) policies
Instance configurations
SAG app configurations
Application acceleration
Device configurations
What to do next
Operation | Procedure |
Manually export audit entries to an email address | You can manually export audit entries to specified email addresses.
|
View the subscription task details | After you create a subscription task, you can view its details.
|
Modify a subscription task | You can modify the configuration of a subscription task.
|
Disable a subscription task | If you temporarily do not need to receive audit entries, you can disable the subscription task.
|
Enable a subscription task | After you create a subscription task, it is enabled by default. You can enable a disabled subscription task to receive audit entries.
|
Delete a subscription task | If you no longer need to receive audit entries, you can delete the subscription task. Before you delete a subscription task, you must disable the subscription task first. For more information, see Disable a subscription task.
|