How to Track Administrative Logon and Configuration Activity History in Prisma Cloud?
15342
Created On 12/27/21 02:29 AM - Last Modified 01/11/22 15:38 PM
Objective
- How to Track Administrative Logon and Configuration Activity History in Prisma Cloud?
Environment
- Prisma Cloud Console (UI)
Procedure
- As part of compliance requirement for organisations, companies need to demonstrate they are pro-actively tracking security issues and taking steps to remediate issues as they occur.
- Prisma Cloud Audit Logs section enables companies to prepare for such audits and demonstrates compliance.
- The Audit logs list all actions initiated by Prisma Cloud administrators.
- It lists who did what and when, to help identify any configuration changes and activity initiated on a cloud account of behalf of the administrator who initiated the action.
- To access audit logs, select Settings > Audit Logs.
- For more information on this, refer: View Audit Logs
- For a Video Tutorial on How to Download the Audit Log Report, refer: How to Download the Audit Log Report on Prisma Cloud
Additional Information
- To track Administrative Activity Audit Trail in Prisma Cloud Compute, refer: Administrative Activity Audit Trail
- Currently, there exists a Feature Request (no ETA at this time) for limiting the number of login failures when logging in through SSO In Prisma Cloud : PANW-I-3188
- A similar Feature Request can be submitted here, for our respective teams to evaluate the feasibility of including the feature: https://prismacloud.ideas.aha.io/ideas/