[management] Network traffic events docs (#291)

* Rename Network Activity Logging to Audit Activity Logging Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * refactor the audit events doc Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * add management traffic event doc Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * Update audit events logging image Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * Update event streaming image Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * Update src/pages/how-to/traffic-events-logging.mdx Co-authored-by: Misha Bragin <bangvalo@gmail.com> * Update src/pages/how-to/traffic-events-logging.mdx Co-authored-by: Misha Bragin <bangvalo@gmail.com> * Update src/pages/how-to/traffic-events-logging.mdx Co-authored-by: Misha Bragin <bangvalo@gmail.com> * Update docs to clarify feature availability Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * add link --------- Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> Co-authored-by: Misha Bragin <bangvalo@gmail.com> Co-authored-by: Maycon Santos <mlsmaycon@gmail.com>
2026-05-04 08:16:35 +00:00 · 2025-03-23 16:17:58 +03:00
parent 94a6853ce9
commit 7507b931d5
7 changed files with 54 additions and 8 deletions
--- a/src/pages/how-to/traffic-events-logging.mdx
+++ b/src/pages/how-to/traffic-events-logging.mdx
@@ -0,0 +1,45 @@
+# Traffic Events Logging
+
+<Note>
+This feature is available only in the NetBird cloud and on the [Business plan](https://www.netbird.io/pricing?utm_source=docs&utm_content=traffic-events).
+It is an experimental feature, and its functionality and behavior may evolve, including changes to how data is collected
+or reported.
+To use this feature, ensure you have NetBird client version 0.39 or higher.
+</Note>
+
+
+The traffic events logging functionality enables comprehensive monitoring and analysis of connections across your infrastructure.
+It captures network activity, including peer-to-peer, site-to-site, peer-to-resource, and other network traffic events.
+
+It provides detailed visibility into connections and network traffic flow, helping to answer key questions such as who initiated
+the connection, what resource was accessed, when it happened, where it originated, and why it was allowed. By enhancing
+network monitoring capabilities, it strengthens security measures and delivers actionable operational insights, empowering
+you to better manage and secure your environment.
+
+
+## Enabling Traffic Events Logging
+
+Traffic events logging is disabled by default. To enable it on the NetBird dashboard, navigate to `Settings > Networks`.
+Under the Experimental section, you’ll find the `Enable Traffic Events` option. Toggle the switch to enable traffic event logging.
+
+By default, traffic reporting in userspace is always enabled, providing basic logging of network interactions.
+However, packet size reporting at the kernel level is disabled by default to minimize CPU usage.
+
+<Note>
+You can optionally enable `Traffic Reporting (Kernel)` to capture additional details, such as network packet sizes,
+at the kernel level. Be aware that enabling this option may lead to higher CPU usage on the NetBird client.
+</Note>
+
+
+<p>
+    <img src="/docs-static/img/how-to-guides/traffic-events-logging-settings.png" alt="traffic-events-logging-settings" className="imagewrapper-big"/>
+</p>
+
+
+## Enable Traffic Events Streaming to SIEM Systems
+
+NetBird allows you to stream traffic events directly to your Security Information and Event Management (SIEM) system in real time.
+By enabling this feature, you can seamlessly monitor and analyze NetBird network flow events within your existing SIEM infrastructure,
+enhancing your ability to detect and respond to security events.
+
+For detailed instructions on supported integrations and how to set them up, refer to the [integrations guide](/how-to/activity-event-streaming).