Security Event Configuration

The Security Event Configuration feature is part of security information and event management (SIEM) that combines security information management (SIM) and security event management (SEM).

To view the Security Event Configuration landing page, your access group must include a role that includes the pzViewSecEventEconfigLP privilege.

Use the Security Event Configuration landing page to automatically log security events. Security events include actions performed by any requestor who accesses the application, data accesses or changes, security policies changes or security-related rules or landing pages, and so on. With the log security events you can then monitor inappropriate access to your data or system.

All security events include the following information:

  • Date and time
  • Application name
  • Node
  • IP address
  • Tenant ID
  • Operator ID
  • Event class (authentication or authorization)
  • Event type

Authorization events can also include the following information:

  • The entered search string
  • The class, ID, and class- of the case state:
    • Open
    • Unopened
    • Blocked by an access policy
  • Report name, class, and filter condition.