---
title: "Security Events"
slug: "security-events"
updated: 2026-04-21T13:12:49Z
published: 2026-04-21T13:12:49Z
canonical: "support.perimeter81.com/security-events"
stale: true
---

> ## Documentation Index
> Fetch the complete documentation index at: https://support.perimeter81.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Security Events

The Security Events provides an integrated view of Security Events directly within the Check Point SASE platform. It allows easy monitoring, searching, and filtering of Check Point SASE related security events.

To view the **Security****Events**page, access Check Point SASE and go to **Monitor & Logs** > **Security Events**.

![](https://cdn.document360.io/44667c0c-50d7-412a-acbd-20d4a41c952e/Images/Documentation/SecurityEvents_OverviewNew.png)

Notes:

- The Security Events limit the number of events to 300 per search.
- You can also search for additional parameters that do not appear as quick filters.  
For example:
  - The URL resource using***resource:"https://go.microsoft.com/fwlink/"***
  - The Destination Port by using ***dst_port: 443***
  - The Source Port by using***src_port:55321***
  - The Device name using ***device_name: "DESKTOP-123"***  
******![](https://cdn.document360.io/44667c0c-50d7-412a-acbd-20d4a41c952e/Images/Documentation/SecurityEventsNotes(2).png)********

## Supported Events

The Security Events supports these event types:

- URL Filtering and Application Control
- Threat Emulation
- Malware Protection
- Anti-Bot
- Firewall Events

## Statistics

![](https://cdn.document360.io/44667c0c-50d7-412a-acbd-20d4a41c952e/Images/Documentation/image-1751899257178.png)

The Statistics panel provides a visual summary including these:

- Event distribution by Blade Type
- Breakdown by Actions
  - Accept
  - Block
  - Detect
  - Skip
- Source IP distribution

## Events

![](https://cdn.document360.io/44667c0c-50d7-412a-acbd-20d4a41c952e/Images/Documentation/Table_ULV.PNG)

| Column | Description |
| --- | --- |
| Time | Timestamp when the event occurred. |
| Blade/Practice Type | Specific security module responsible for the event, for example, URL Filtering and Malware Protection. |
| Action | Security action taken: - Accept - Accepts the event - Block - Blocks the event - Detect - Detects the event - Skip - Bypasses the event |
| Severity | Severity level of the event. |
| Source/Destination IP | Network endpoints involved. |
| Resource | URL or resource accessed. |
| User | User name. |

## Card

![](https://cdn.document360.io/44667c0c-50d7-412a-acbd-20d4a41c952e/Images/Documentation/Card_ULV(1).PNG)

You can click on a specific event entry to open a detailed event card, which provides:

- Complete event description.
- Session details, such as ports, URLs, downloaded data and so on.

The card offers an in-depth view for thorough analysis.

**