Unified Log View

The Unified Log View provides an integrated view of security logs directly within the Harmony SASE platform. It allows easy monitoring, searching, and filtering of Harmony SASE related security events.

To view the Unified Log View page, access Harmony SASE and go to Monitor & Logs > Unified Log View.

Notes: The Unified Logs limit the number of events to 300 per search. When you search, use exact matches by placing the value in quotation marks (""). Example: resource:"https://go.microsoft.com/fwlink/"

Supported Events

The Unified Logs View supports these event types:

• URL Filtering and Application Control

• Threat Emulation

• Malware Protection

• Anti-Bot

Statistics

The Statistics panel provides a visual summary including these:

• Event distribution by Blade Type

• Breakdown by Actions:

  • Accept

  • Block

  • Detect

  • Skip

• Source IP distribution

Logs

Column	Description
Time	Timestamp when the event occurred.
Blade/Practice Type	Specific security module responsible for the event, for example, URL Filtering and Malware Protection.
Action	Security action taken: Accept - Accepts the event Block - Blocks the event Detect - Detects the event Skip - Bypasses the event
Severity	Severity level of the event.
Source/Destination IP	Network endpoints involved.
Resource	URL or resource accessed.
User	User name.

Card

You can click on a specific log entry to open a detailed log card, which provides:

• Complete event description.

• Session details, such as ports, URLs, downloaded data and so on.

The card offers an in-depth view for thorough analysis.