What is Audit Mode and how to configure it in products based on Aether

Audit mode monitors the processes run on Windows, macOS, and Linux computers, and detects and notifies threats.

When you enable audit mode in a settings profile, detected threats are not blocked or deleted. This behavior affects all the protections for the computers that you assign the settings profile to.

IMPORTANT! We recommend that you limit the use of audit mode as much as possible to minimize the time your computers are exposed to the threats detected.

IMPORTANT! We recommend that you limit the use of audit mode as much as possible to minimize the time your computers are exposed to the threats detected.

To enable audit mode:

1. Select Settings from the top menu. Select Workstations and servers from the side menu.
2. Select the settings profile for which you want to enable audit mode.
3. Select Audit mode. Enable the toggle.
4. Click Save. A message appears at the top of the Edit settings page, indicating that you have enabled audit mode for the settings profile.

Viewing computers in Audit mode
The Protection status widget shows the number of computers that have Audit mode enabled. Click the text on the widget to go to the Risks by computer list filtered by the Audit mode enabled risk.

Help nº- 20230601 700150 EN