Media Log
The Media Log setting defines when Media Encryption & Port Protection creates log entries when a storage device is attached to an endpoint computer. You can select one of these predefined log actions:
| Action | Description |
|---|---|
| Do not log security events | Disable all log entries. |
| Log only critical events | Create log entries only for events that are classified as critical. |
| Log critical and security events | Create log entries only for events that are classified as critical or security events. |
| Log all events | Create log entries for all events. |
You cannot define custom log actions.
This table shows the applicable Media Encryption & Port Protection events and their severity classification.
| Event ID | Description | Classification |
|---|---|---|
| 3 | Policy update completed successfully | Low |
| 7 | Device authorization successful | Low |
| 8 | Device authorization failed | Critical |
| 11 | Device access is blocked when attached to the endpoint computer | Critical |
| 15 | Encrypted storage created successfully | Low |
| 16 | Encrypted storage device removed | Critical |
| 20 | Device is attached to an endpoint computer and access is allowed | Security |
| 21 | A user follows the Ask User procedure to override a rule | Critical |
| 22 | A users does not follow the Ask User procedure to override a rule | Critical |
| 23 | A storage device file operation is blocked | Critical |
| 24 | A storage device file operation is allowed | Security |
You can define different log settings for Managing Devices.
Log entries are initially stored on client computers and then uploaded to the server at predefined intervals.