netbirdio · mlsmaycon · Mar 23, 2025 · Mar 20, 2025 · Mar 20, 2025 · Mar 20, 2025
diff --git a/...atic/img/how-to-guides/activity-event-streaming/event-streaming-integration.png b/...atic/img/how-to-guides/activity-event-streaming/event-streaming-integration.png
diff --git a/public/docs-static/img/how-to-guides/activity-monitoring.png b/public/docs-static/img/how-to-guides/activity-monitoring.png
diff --git a/public/docs-static/img/how-to-guides/activity-monitoring.webp b/public/docs-static/img/how-to-guides/activity-monitoring.webp
diff --git a/public/docs-static/img/how-to-guides/traffic-events-logging-settings.png b/public/docs-static/img/how-to-guides/traffic-events-logging-settings.png
diff --git a/src/components/NavigationDocs.jsx b/src/components/NavigationDocs.jsx
@@ -158,7 +158,8 @@ export const docsNavigation = [
          {
              title: 'Activity',
              links: [
-                 { title: 'Network Activity Logging', href: '/how-to/monitor-system-and-network-activity' },
+                 { title: 'Audit Events Logging', href: '/how-to/audit-events-logging' },
+                 { title: 'Traffic Events Logging', href: '/how-to/traffic-events-logging' },
                  {
                      title: 'Stream Activity Events',
                      href: '/how-to/activity-event-streaming',

diff --git a/...o/monitor-system-and-network-activity.mdx → src/pages/how-to/audit-events-logging.mdx b/...o/monitor-system-and-network-activity.mdx → src/pages/how-to/audit-events-logging.mdx
@@ -1,6 +1,6 @@
-# Network Activity Logging
+# Audit Events Logging
 
-The network activity logging functionality in NetBird allows you to observe and track changes to your network infrastructure.
+The Audit events logging functionality in NetBird allows you to observe and track changes to your network infrastructure.
 This includes events such as when a new machine or user has joined your network, when access control policies have been modified,
 and many other key network events.
 
@@ -11,11 +11,11 @@ To get started with event logging in NetBird, watch this introductory video:
 <iframe width="560" height="315" src="https://www.youtube.com/embed/UlnMo1KYXPU?si=JdzEr9v2EZHlP7lc" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>
 
 
-## Access the Activity Logging View
-The activity logging feature is enabled by default for every NetBird network. You can access the activity log in the web UI under the [Activity tab](https://app.netbird.io/activity). This view provides a centralized log of network events. You can use the search bar to search by activity name, and apply filters for timeframes, event types, and users.
+## Access the Audit Events Logging View
+The audit events logging feature is enabled by default for every NetBird network. You can access the activity log in the web UI under the [Audit Events tab](https://app.netbird.io/events/audit). This view provides a centralized log of network events. You can use the search bar to search by activity name, and apply filters for timeframes, event types, and users.
 
 <p>
-    <img src="/docs-static/img/how-to-guides/activity-monitoring.webp" alt="activity-monitoring" className="imagewrapper-big"/>
+    <img src="/docs-static/img/how-to-guides/activity-monitoring.png" alt="activity-monitoring" className="imagewrapper-big"/>
 </p>
 
 The current version of NetBird tracks a wide range of network changes that occur in the Management server, such as modifications to peers, groups, system settings, setup keys, and access control policies.
@@ -120,9 +120,9 @@ Future versions will also support connection events that occur in NetBird agents
     If the configuration files have been generated by the `configure.sh` script, you can find the previous encryption key in the backup files in the same folder as the script. Look for the <b>DataStoreEncryptionKey</b> field in the `management.json` backup file.
 </Note>
 
-## Enable Activity Event Streaming to SIEM Systems
+## Enable Audit Events Streaming to SIEM Systems
 
-NetBird can stream activity events to your Security Information and Event Management (SIEM) system in real-time. With this feature enabled, you can monitor and analyze NetBird network changes within your SIEM infrastructure. Check the [integrations guide](/how-to/activity-event-streaming) for more information about the supported integrations and how to enable them.
+NetBird can stream audit events to your Security Information and Event Management (SIEM) system in real-time. With this feature enabled, you can monitor and analyze NetBird network changes within your SIEM infrastructure. Check the [integrations guide](/how-to/activity-event-streaming) for more information about the supported integrations and how to enable them.
 
 ## Get Started
 

diff --git a/src/pages/how-to/traffic-events-logging.mdx b/src/pages/how-to/traffic-events-logging.mdx
@@ -0,0 +1,45 @@
+# Traffic Events Logging
+
+<Note>
+This feature is available only in the NetBird cloud and on the [Business plan](https://www.netbird.io/pricing?utm_source=docs&utm_content=traffic-events).
+It is an experimental feature, and its functionality and behavior may evolve, including changes to how data is collected
+or reported.
+To use this feature, ensure you have NetBird client version 0.39 or higher.
+</Note>
+
+
+The traffic events logging functionality enables comprehensive monitoring and analysis of connections across your infrastructure.
+It captures network activity, including peer-to-peer, site-to-site, peer-to-resource, and other network traffic events.
+
+It provides detailed visibility into connections and network traffic flow, helping to answer key questions such as who initiated
+the connection, what resource was accessed, when it happened, where it originated, and why it was allowed. By enhancing
+network monitoring capabilities, it strengthens security measures and delivers actionable operational insights, empowering
+you to better manage and secure your environment.
+
+
+## Enabling Traffic Events Logging
+
+Traffic events logging is disabled by default. To enable it on the NetBird dashboard, navigate to `Settings > Networks`.
+Under the Experimental section, you’ll find the `Enable Traffic Events` option. Toggle the switch to enable traffic event logging.
+
+By default, traffic reporting in userspace is always enabled, providing basic logging of network interactions.
+However, packet size reporting at the kernel level is disabled by default to minimize CPU usage.
+
+<Note>
+You can optionally enable `Traffic Reporting (Kernel)` to capture additional details, such as network packet sizes,
+at the kernel level. Be aware that enabling this option may lead to higher CPU usage on the NetBird client.
+</Note>
+
+
+<p>
+    <img src="/docs-static/img/how-to-guides/traffic-events-logging-settings.png" alt="traffic-events-logging-settings" className="imagewrapper-big"/>
+</p>
+
+
+## Enable Traffic Events Streaming to SIEM Systems
+
+NetBird allows you to stream traffic events directly to your Security Information and Event Management (SIEM) system in real time.
+By enabling this feature, you can seamlessly monitor and analyze NetBird network flow events within your existing SIEM infrastructure,
+enhancing your ability to detect and respond to security events.
+
+For detailed instructions on supported integrations and how to set them up, refer to the [integrations guide](/how-to/activity-event-streaming).