The Device Logs section provides a detailed record of every system, security, and compliance-related action taken on individual devices. While Event Logs focus on administrative actions, Device Logs give IT teams visibility into what’s happening directly on endpoints — making it critical for real-time monitoring, auditing, and troubleshooting.
1. Accessing Device Logs
From the sidebar, navigate to Activity → Device Logs.
Here you’ll see a chronological table of all device-level activities, including authentication attempts, geofence triggers, security status changes, and performance alerts.
2. Device Log Structure
Each log entry provides granular details across multiple columns:
Device log name – The action recorded (e.g., “Device Locked,” “Out of Geofence”).
Category – Type of event (e.g., Security & Compliance, Device Health & Performance, Geofence, Enrollment).
Device – The specific device tied to the log.
Level – Severity rating:
Critical – Urgent issues requiring immediate attention.
Warning – Issues that may impact compliance or performance.
Info – Informational or routine events.
Date & Time – Timestamp for precise auditing.
3. Viewing Device Log Details
Click on any entry to expand it into a detailed view. This includes:
Device Name and Model
Severity Level and Result (e.g., Critical – Success/Failure)
Assigned User and Group
Date & Time of Event
Additional Metadata (e.g., Serial Number, Ownership Type)
This view is especially helpful for investigating security incidents such as geofence violations or encryption failures.
4. Filtering and Searching Logs
The filter system allows admins to pinpoint events with precision. You can apply multiple filters simultaneously:
Device log name → Search by specific log type.
Category → Filter by event type (e.g., Enrollment, Security & Compliance, Geofence).
Level → Critical, Warning, Info.
Date → Narrow results by custom date range.
Filters can be stacked to find highly specific log sets — for example, “Critical security logs for macOS devices in the last 7 days.”
5. Exporting Device Logs
Admins can export logs for compliance audits or offline analysis. The Export Data window lets you:
Select a date range.
Choose which columns to include (Device name, Serial number, Ownership type, Assigned to, Description, etc.).
Export in a structured format for reporting or SIEM integration.
This ensures compliance with regulations such as ISO 27001, HIPAA, or internal audit requirements.
6. Use Cases
Device Logs are essential for:
Compliance Audits – Validate encryption, firewall, and password policy enforcement.
Threat Investigation – Trace device behavior during incidents.
Geofence Monitoring – Detect when devices leave restricted zones.
Performance Troubleshooting – Identify recurring device health issues.
User Accountability – Review which device actions are tied to which users.
✅ In summary: Device Logs complement Event Logs by giving IT teams deep visibility into device-level actions, from security status to performance events. Together, they form a comprehensive activity history that strengthens compliance, improves auditing, and speeds up incident response.