Documentation forSecurity Event Manager

Filter and export event logs

You can filter and export your event logs to a CSV file from the SEM Console. Use CSV files to attach search results to a help ticket, share with members of your team, archive data for historical reference, and more. Each exported record includes the date, time, severity level, IP address, node, source, and message.

  1. On the SEM Console, select Live Events.
  2. Set your search parameters, and then initiate your search. The number of returned events appears above the Live Mode toggle button.

    You can export records from live mode, paused mode, and historical search. The number of returned historical events is determined by your search results threshold on the Settings page.

  3. Below the console toolbar, click Export.

    Change the location and name of the download file if necessary. and click Save.. By default the file will be named yyyy_mm_dd_hhmm.csv

    SEM exports the CSV file containing the search results to your local system.