View changes history

The CHANGES page provides detailed information about rule-based changes made to security groups on all your onboarded AWS and Azure cloud accounts. You can use this data to track policy changes, perform root cause analysis and conduct entity audits.

Note: You must have a system role to access the Changes page.

To open the CHANGES page, click the CHANGES icon on the main menu on the left.

The CHANGES page loads, providing a summary of rule-based changes detected in security groups.

Changes tree

The Changes tree in the left panel lists your onboarded entities and lets you drill down to select a specific entity to see its list of security group changes.

Use the Changes search bar to quickly search for any entity in the Changes tree.

Selecting an entity in the Changes tree filters the list of security groups in the right panel to show only the details for that selection.

Changed Security Groups list

The Changed Security Groups list shows security groups that had additions, deletions, or edits made to their rules.

The list displays only groups that belong to the entity selected in the Changes tree and that match the filter criteria.

The Changed Security Groups list contains the following information:

Changed security group

The name of the security group where a change occurred in one or more of its rules

Account Name

(For Azure / AWS) The name of the subscription / account

VNet/VPC

(For Azure / AWS) The virtual network where the change was detected.

Total changes

Total number of changes to the security group (added, removed and edited)

Added

The total number of rules that were added

Removed

The total number of rules that were removed

Edited

The total number of rules that were edited

Last change

The date and time of the last change to the security group

Filtering the list of changed security groups

Use the filters provided above the Changed Security Groups list to refine the results to a specific subset of security groups.

You can filter the Changed Security Groups list based on the following criteria:

Regions

Only show security groups located in selected regions

Date

Only show security groups with changes made within a specified range of dates

Note: By default, the range is set to the last 7 days. To modify the time period, click the calendar icon or type new days directly into the field.

View rule changes

To see specific details about rule changes detected in a security group, select a security group appearing in the Changed Security Groups list. The Rule Changes Made list appears.

Each row begins with an icon that indicates whether the rule was Added, Removed, or Edited.

Tip: For edited rules, additions are highlighted in light blue and marked with a + and deletions in light grey and marked with a in the column with the change.

In the above example, CloudFlow detected 2 deletions from one rule's Source IP addresses and 2 additions to another rule's Destination IP addresses.
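
The following added example (not part of the CloudFlow documentation and not CloudFlow code) applies the Added / Removed / Edited classification described above to two snapshots of one security group's rules, reproducing the case of 2 deletions from one rule's source addresses and 2 additions to another rule's destination addresses. It assumes every rule has a stable id; the field names, rule ids and addresses are constructed.

```python
# Added example (not CloudFlow code). Assumptions: every rule has a stable "id";
# field names, rule ids and addresses are constructed for illustration.

def _as_set(value):
    """Normalise a rule field (scalar, list or missing) to a set of values."""
    if value is None:
        return set()
    return set(value) if isinstance(value, (list, tuple, set)) else {value}

def diff_rules(before, after):
    """Return (operation, rule_id, details) rows for one security group."""
    old = {r["id"]: r for r in before}
    new = {r["id"]: r for r in after}
    rows = [("Added", rid, {}) for rid in sorted(new.keys() - old.keys())]
    rows += [("Removed", rid, {}) for rid in sorted(old.keys() - new.keys())]
    for rid in sorted(old.keys() & new.keys()):
        details = {}
        for field in sorted((old[rid].keys() | new[rid].keys()) - {"id"}):
            a, b = _as_set(old[rid].get(field)), _as_set(new[rid].get(field))
            if a != b:  # per-column additions (+) and deletions (-)
                details[field] = {"+": sorted(b - a), "-": sorted(a - b)}
        if details:  # unchanged rules produce no row
            rows.append(("Edited", rid, details))
    return rows

def summarize(rows):
    """Counts matching the Added / Removed / Edited / Total changes columns."""
    counts = {"Added": 0, "Removed": 0, "Edited": 0}
    for operation, _, _ in rows:
        counts[operation] += 1
    counts["Total changes"] = sum(counts.values())
    return counts

# Constructed snapshots of one security group (documentation address ranges).
BEFORE = [
    {"id": "r1", "source": ["192.0.2.10", "192.0.2.11", "192.0.2.12"], "port": 443},
    {"id": "r2", "destination": ["10.0.1.5"], "port": 22},
    {"id": "r3", "source": ["198.51.100.0/24"], "port": 8080},
]
AFTER = [
    {"id": "r1", "source": ["192.0.2.10"], "port": 443},
    {"id": "r2", "destination": ["10.0.1.5", "10.0.1.6", "10.0.1.7"], "port": 22},
    {"id": "r4", "source": ["203.0.113.0/24"], "port": 443},
]

if __name__ == "__main__":
    for row in diff_rules(BEFORE, AFTER):
        print(row)
    print(summarize(diff_rules(BEFORE, AFTER)))
```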

Filter rule changes

Use the filters provided above the Rule Changes Made list to refine the results to a specific subset of rules.

You can filter rule changes based on the following criteria:

Free search

Filter by partial or whole text strings appearing in any of the columns

Operation type

Filter by change operation: added, removed, and/or edited