The Agent’s Windows Event Logs are provided to give you visibility into what the AutoElevate Agent observes and how it operates on the system. They can be ingested by a SIEM or syslog service to better automate events happening within AutoElevate.

Some of the events do contain but are not limited to the same information shown on the Admin Portal’s Events screen.

The Agent’s Windows Event Logs Has the Following Benefits:

Troubleshooting Errors

Auditing technician authentication

Recording UAC events while offline

Tracking privilege elevation request

Tracking changes to certain security settings

Recording when a rule has been used

Documentation: https://support.cyberfox.com/360000239832-General-Troubleshooting/event-logging?from_search=140998083