North America
  • North America
  • Europe
  • United Kingdom
  • Asia & Pacific
  • Australia
  • South America
  • Africa

How to export security logs from Endpoint Manager

Release Time
36 times
Security Sub-System

  • Click 'Security Sub-Systems' > 'Security Dashboards'
  • The security dashboard is a list of all security-related events on managed Windows endpoints.
  • Security events can be generated by the antivirus, containment and application-control modules.
  • For example, a security event is created when:
    • Malware is detected
    • Files are blocked, moved to quarantine, or ignored
    • Files are restored/removed from quarantine 
    • Files get rated as trusted or submitted as a false positive
    • Files are run in the container
    • ...and more
  • Each log shows the name of the file responsible for the event, the action that caused the event, the severity of the event, the devices affected, and more.
  • 'Security Dashboards' has two tabs:
    • Event View - shows all logged events in chronological order
    • File View - all events concerning a particular file are grouped together
  • You can export both the event and file views to .csv file
  • You can download and view the exported file in 'Dashboard' > 'Reports'


Step-by-step process

  • Login to ITarian
  • Click 'Applications' > 'Endpoint Manager'
  • Click 'Security Sub-Systems' > Security Dashboards
  • Select the 'Event View' tab to view all records in chronological order
  • Select the 'File View' tab to view all events concerning a particular file grouped together
  • Click ‘Export’ > 'Export to CSV' to generate your report:

  • You will see a confirmation message at top-right:

Download the report

  • Click 'Dashboard' > 'Reports'
  • Select the file you generated earlier
  • Click the 'Download' button:

  • An example report is shown below: