Session Logs
2 min
sessions logs contain the actions carried by the user in the endpoint it displays which applications are launched and whether it was allowed, blocked, or elevated by the agent an example of a session log is shown below logs can be seen on session based in the session log tab or individually in the command logs tab session logs or command logs can be filtered by “windows agent” , as other protocols may also write to these logs users can access the session details by clicking the button on the right side for the agent to record a session video, the “record session” setting must be enabled via the agent group this means the setting must be applied to the agent before the end user logs in if the setting is enabled after the user has already logged in, the video recording will not start for that session in the session log details, you can also view which rule triggered the blocking, allowing, or elevation of an application as shown above additionally, details such as the hash, vendor, version, certificate hash, and more are reported to pam these can be viewed in the session log details