Lets Talk

Log Tags

Estimated reading: 1 minute 4 views

Overview

Log tags help classify audit events during review, investigation, or follow-up.

What this feature does

They mark events with labels such as reviewed, suspicious, resolved, false positive, or other internal categories depending on your workflow.

Why it is useful

  • It helps organize investigations.
  • It makes it easier to separate reviewed events from open items.
  • It supports a consistent security review process.

Who should read this?

RISE Admin, Security Officer, Support Manager.

Where to find it

Rise Audit Pro → Activity Log → Tag selector or row action, if enabled.

How to use it

  1. Open Activity Log.
  2. Find the event you want to classify.
  3. Apply the appropriate tag.
  4. Filter or review tagged events later if supported.
  5. Keep tag naming consistent across the team.

Example workflow

A security officer marks multiple failed login related events as suspicious and later marks them resolved after the IP is blocked.

Screenshot

Screenshot required
Capture from: Rise Audit Pro → Activity Log → Tag selector

Common mistakes

  • Creating too many tag meanings without documentation.
  • Using tags instead of notes when context is required.
  • Tagging sensitive events as resolved without actually reviewing them.

Related articles

  • Log Notes
  • Failed Login Monitoring
  • Alert Rules Overview
Share this Doc

Log Tags

Or copy link

CONTENTS
Shopping Basket