Query the audit log

You view an object store's audit log by running a search for objects belonging to the Event class and its subclasses. Normally you enter specific criteria to just return the audit events you are interested in.

NOTE  The audit log could be extremely large, depending on how the object store is configured for auditing and on the size and activity of the object store. As a result, you might decide to restrict your query to a defined subset of the audit log.

To examine the audit log

  1. Right-click the Search Results node and select New Search from the menu.
  2. Select Event for the value of Select from Table.
  3. Use the other features of the Query Builder to define your query, including saving the query as a search or search template so you can easily run it again later.
  4. Click OK. The result set appears under the Search Results node.