Events Viewer
Filter and review security events associated with end-user activity in your Cloud Secure Edge organization
- Updated on Jul 17, 2025
Overview
Events allows admins to filter and explore lists of events associated with end user activity in a Cloud Secure Edge (CSE) organization.
Filter Events
Learn more about the Event data structures in the Event Spec - Syntax and the Get Events API endpoint.
Use the Filter by… to sift through your CSE organization system log according to:
- Event Type - Registration, Identity, Access, Trust Scoring, Audit
- Actions - Unauthorized
- Event Severity - Error, Warn, Info, Debug
- User Email - User’s email address
- Device Serial Number - Device serial number
- Service Name - Name of the service (if applicable)
- Service Tunnels - Name of each Service Tunnel
- Event ID - Unique ID for the event
- External ID - A tracing identifier that was generated external to Banyan Command Center (for example, state value in OpenID Connect authentication requests)
Example: Show denied access attempts for a user
To show access events that were denied for a certain user within the last week, set the date range to Last Week and then filter events in the following order:
- Event Type: Access
- Event Severity: ERROR
- User Email: (user email address)
Example: Show device registrations and unregistrations for a user
To show successful registrations and unregistrations for a single within the last week, set the date range to Last Week and then filter events in the following order:
- Event Type: Registration
- Event Severity: INFO
- User Email: (user email address)
Event Logging Retention
- In the Cloud Secure Edge Command Center, the previous 2 weeks or the last 10 thousand events are stored (whichever comes first).
- For Connector or Access Tier, the log files rotate: the default is to retain 5 log files; the rotation occurs when the log file reaches 50 Mb.