PaloAltoNetworks · atkkyamasaki · Mar 18, 2024
diff --git a/docs/en/enterprise-edition/content-collections/administration/view-audit-logs.adoc b/docs/en/enterprise-edition/content-collections/administration/view-audit-logs.adoc
@@ -134,3 +134,8 @@ Follow the steps below to enable audit log forwarding:
 +
 All new audit logs that are generated after you enable the integration will be sent to this channel. You can view the audit logs on *Settings > Audit Logs* on Prisma Cloud.
 
+[NOTE]
+====
+To minimize "noise" and log flooding, Prisma Cloud does not forward "Successful login" type audit log messages to external integrations. All other audit log types can be sent to any supported external integration such as Webhook or SQS. For example, the following audit log message will not be forwarded. screen:['[email protected]'(with role 'System Admin':'System Admin') logged in via password]
+====
+
-Original file line number
+Diff line change
@@ Expand Up / @@ -134,3 +134,8 @@ Follow the steps below to enable audit log forwarding: @@
     +
     All new audit logs that are generated after you enable the integration will be sent to this channel. You can view the audit logs on *Settings > Audit Logs* on Prisma Cloud.
+    [NOTE]
+    ====
+    To minimize "noise" and log flooding, Prisma Cloud does not forward "Successful login" type audit log messages to external integrations. All other audit log types can be sent to any supported external integration such as Webhook or SQS. For example, the following audit log message will not be forwarded. screen:['[email protected]'(with role 'System Admin':'System Admin') logged in via password]
+    ====