Reports
Overview
The Reports menu gives you an overview of various statistics on computers and users in your directory as well as on the individual components of EgoSecure Data Protection. Depending on the menu item, various options are available.
Available Reports
The following tables give you an overview of statistics available in the Reports menu and the information they contain.
Tenants
|
Report |
Available information |
|---|---|
|
Secure Audit data usage |
Summary table with the database information for each tenant. Click the tenant row to see details about the size of certain Secure Audit types in the database for the selected tenant. |
|
License usage |
Summary table of all activated licenses per each tenant. Mouse over the column name to see the full name of a product license. In the Show license drop-down, select:
|
See also: Managing tenants
General
|
Report |
Available information |
|---|---|
|
Management overview |
Statistics to the following points:
|
|
Agents state |
In the Computers area the number of computers where the EgoSecure Agent is installed and started, not started/not installed or offline (installed but cannot connect to the Server) is displayed. In the Loaded agents area, the state of Agent components is shown: status OK, driver not loaded or tray not started. |
|
Synchronization log |
Overview of successful and failed synchronization attempts. You will also receive information about the number of objects read or the reason for the synchronization failure (e.g. due to an error code). |
|
Revision |
Overview of Console operations, type of administrator who performed an operation, and an operation result. |
|
Active/inactive products |
Overview of users, computers or groups where selected products are activated or not activated. If at least one of the selected products is activated/not activated for the object, this object is shown. |
|
New objects |
The list of objects (users and computers) added to the directory structure within a defined period of time. Active Directory-/LDAP-/Novell eDirectory-/Azure AD objects appear in Reports after the synchronization Own directory objects are displayed immediately once added. |
|
Windows Subsystem for Linux (WSL) |
Overview of computers where the WSL feature is enabled (WSL statuses radio button) and Linux distributions are installed (Linux distributions radio button). To collect data from computers about WSL, enable WSL data collection. |
Enabling WSL data collection
- Go to Computer management.
- In the Computer management work area, select default rights (computer) or a directory service object (OU, computer, group).
- If you enable WSL settings in default rights, the settings are inherited to all computers.
- In the Settings | Client settings tab, enable the following check boxes in the Windows Subsystem for Linux area to collect WSL data:
- Check WSL enabled to collect information about the state of the WSL feature.
- Detect installed Linux distributions to collect information about installed Linux distributions.
- Click Save.
- Data about WSL is now collected from selected directory objects.
Control
|
Report type |
Available information |
|---|---|
|
Not updated rights |
Right changes which were defined in Console, but haven’t been applied to users or computers, for example, because a user didn’t log into the system |
|
Analyzing of rights changes |
Changes in the assigned access rights. |
|
Rights analysis |
Overview of the directory service objects that have selected access rights. For details, see: Showing rights analysis |
|
Rights review – details |
Overview of access rights for selected device classes. List of permissions per user, computer and/or group. |
|
Rights review – summary |
The percentage and the number of directory objects, to which certain access rights for the selected device class are assigned. |
|
Difference with default rights |
Directory objects, for which the assigned access rights for device classes differ from default access rights. |
|
Broken inheritance |
Directory objects, where the inheritance of access rights for device classes from a group has been deactivated |
|
Temporary access rights |
Directory objects, for which temporary access rights for a device classes are currently applied. |
|
Unblocking codes review |
Displaying unblocking codes generated for users and the time when users activated them. |
|
Individual device permissions |
All active and inactive individual device permissions assigned to directory objects. |
See also: Access Control
Analyzing rights of a device type
- Go to Reports | Control | Rights analysis.
- Select a directory object type: users, computers and/or groups.
- In the Time schema area, select the week day and time to see objects for which the selected access right is applied (scheduled access). This criterion also includes all objects for which one access right is applied constantly, in spite of a week day and time.
- The directory service objects with the corresponding rights appear in the list.
Audit
Audit table display limitation. Each Secure Audit report can display only up to 1 million records. See also Archiving or deleting old audit data
|
Report type |
Available information |
|---|---|
|
Management overview |
|
|
File access |
All operations with files which are audited by the Secure Audit product. |
|
Blocked access |
All user access attempts which have been violated. |
|
Devices connection |
Data about connecting external storage devices. |
|
Unencrypted files transfer |
Files transferred to controlled clouds and devices (external storage and CD/DVD) without encryption if Removable Device Encryption and Cloud Storage Encryption are activated. If Encryption is disabled under Product settings | Encryption options, the Unencrypted files transfer report is not displayed. If the shadow copy product is enabled for a user, open or save files directly from the Console. |
|
Internet |
The history of user browsers. |
|
Wi-Fi |
The facts of connection to the wireless networks and information whether the networks are secure or open (insecure). |
|
Applications launch |
Displaying the launch history of all applications, processes and dynamic link libraries. |
|
Use of applications |
Viewing the applications usage summary, including the usage date and duration. |
|
System events |
History of computer shut down, start, sleep, hibernation, etc. |
For details, see: Secure Audit
Filters
| Report Type | Available information |
|---|---|
| Assigned filters | File type filters assigned to users. Group filters by filter names (Filter radio button) or by directory objects (Entities radio button). |
For details, see: Filters: controlling access to the file formats
Encryption
| Report Type | Available information |
|---|---|
|
Encrypted folders |
Overview of local folders encrypted by an administrator and by users. |
|
Encrypted network folders |
Overview of network folders encrypted by an administrator and by users. Decrypted folders display with the Not encrypted status and are automatically deleted from the Console in 3 days after being decrypted. |
BitLocker
| Report type | Available information |
|---|---|
|
Encryption status |
Overview of all drives encrypted with BitLocker Management and the status of the encryption. It is possible to select multiple computers and change their Bitlocker encryption status. |
FDE
|
Report type |
Available information |
|---|---|
|
Management overview |
|
Antivirus (EgoSecure Antivirus)
| Report type | Available information |
|---|---|
|
Management overview |
|
|
Event log |
Actions that an administrator performed with the Antivirus: installation, uninstallation, scans and their results, errors. |
|
Threat found |
Audits all infected and suspicious objects detected during a scan. |
|
Quarantine |
List of files that appear in Quarantine as a result of scan. For details, see: EgoSecure Antivirus quarantine |
For details, see: EgoSecure Antivirus
Data Loss Prevention (DLP)
| Report type | Available information |
|---|---|
|
Data in Use |
The history of access to text files, where matches are found. |
|
Data at Rest |
The history of finding text files, where matches are found and the actions performed with the found files. |
|
Scans |
The history of scans performed within the DLR – DAR product. |
|
Quarantine |
Files moved to quarantine as a result of the scan performed by DLP – DAR. You can restore, delete of download these files. |
For details, see: Data Loss Prevention
Green IT
| Report type | Available information |
|---|---|
|
Your profit |
A sum of money and power saved, and an amount of CO2 emissions reduced. The data allows for calculating a forecast for a year. |
|
Suspicious activity |
The duration of computers activity. The detailed filtering feature allows for filtering only the desired time period. |
For details, see: Green IT
Inventory
| Report type | Available information |
|---|---|
|
Logical disks |
Volume name, file system type, amount of filled space, volume size and data modified. |
|
Disk drives |
Disk model, its interface type, serial number, size, etc. |
|
Physical memory |
Physical memory, its manufacturer, serial number, capacity, and data modified. |
|
Processors |
Processor name, device and processor ID, family, manufacturer, architecture, speed, etc. |
|
Video cards |
Device ID, name, resolution, video memory, etc. |
|
Applications |
All applications installed on selected Agents with the following details: installation date, publisher, version, location. |
|
Executable files (*.exe) |
Files executed on Agents: date and time, size, hash value, vendor. |
For details, see: Inventory
Exporting Reports
With EgoSecure, you can select reports for export and save them locally, and also send them by e-mail.
Sending reports via e-mail. To send report files by e-mail, specify an e-mail account from where to send reports. Define e-mail address settings under Administration | Servers | Mail, proxy and others. For details, see: Setting up SMTP
Setting up the export of reports
- Go to Administration | Administrator | Reports export.
- Enable the reports export.
- In the Server drop-down menu, select the Server where reports are exported and stored.
- In the Directory field, specify the exact location where the reports are exported and stored on the Server computer.
- In the Recipients field, enter e-mail address where reports are sent if the Send copy to E-mail check box is selected for a report entry. To send reports to multiple recipients, divide them with a semicolon (;). All generated reports are sent as a .zip archive.
- Select a period or specific time and check the boxes with weekdays. On the example below, reports are sent every Friday at 20.00.
- Enable Hide user/computer data to generate reports with unreal user names.
- Note: only in Synchronization Log, and Assigned filters real user names are written in any case.
- In the Language drop-down menu, select in what language the reports are generated. Default (system) means that the language of the system, where the Server is installed, is used.
- Under Reports for export, check the boxes with report types. If a report contains no information, this report type is generated, but has no data inside.
- Selected reports are saved to the defined directory on the server computer.
- Check the Send copy to e-mail box to send reports as zip archives to mail addresses defined in the Recipients field.
- Selected reports are additionally sent to defined e-mail addresses.
- Click Save.