CloudGuard Dome9 Help

Visualize Activity

The Log.ic Explorer


CloudGuard Log.ic is a tool to search for and visualize events of interest in the network traffic or event activity of AWS cloud accounts. It gathers and presents information from AWS logs for the cloud accounts, enriched with information from additional sources such as threat intel feeds, and IP reputation and geolocation databases. 

The Log.ic Explorer visualizes the log information in an intuitive, near-realtime view. There are two main views in the Explorer. You can view network activity, from VPC flow logs, in the Network Logs view, or activity on your account resources, from CloudTrail logs, in the Account Activity view.

The Explorer shows information based on queries. Log.ic includes many built-in queries for a variety of scenarios, which you can select. You can also build custom queries, using the intuitive Dome9 GSL query language. See Log.ic Queries for more about queries.

Benefits

  • quickly identify unwanted network traffic, from unknown or suspicious sources
  • identify gaps in cloud security settings or misconfigurations
  • monitor and analyze user activity on your cloud environments for unusual behavior

Log.ic Explorer Views

The Explorer has these views, showing different types of activity in your account.

Actions