The Web Security Service (WSS) portal (portal.threatpulse.com
) has a feature call Auditing.
The WSS logs some portal operations, including policy changes/deletion/execute, user login/logoff action, reporting audits, and so on.
Navigate to: Portal > Service > Account Maintenance > Auditing.
Find the related operation.
Object Type: PolicyRule/Report/User/..
Operation Type: Delete/Execute/Login/Logout/..
The ThreatPulse portal retains audit log data for two weeks. It is not possible to obtain data previous that time frame. Purging occurs on a daily basis for all audit events more that two weeks (14 days).
There is a Save as CSV
button (top-right corner) to download the current auditing report. However, there is currently no automation for this feature nor can you send an email attached with this report. You must perform manually every 2 weeks.NOTE:
There is also no notification on any operation action.