Reference Guide
...
Reports
Audit Report

Windows Audit Report

The Windows Local User Audit Report is used to report the current security status of local Windows accounts.

Create the Report Configuration

  1. Navigate to Audit Report > Windows Audit Report.
  2. Open the Report Configuration tab.
  3. Create the report configuration by completing the fields. The Report job can be executed manually or periodically (as scheduled)
  4. We have the parameter Exclude Service Accounts which we can enable on the Device Group. If that parameter is enabled on the Device Group then it excludes all those users to fetch in the Windows audit report. When we execute the audit report, we enable this highlighted parameter.
Document image


To execute the report manually, click the Options drop-down menu button and select Run.

Document image


To execute the Reports periodically, the Scheduled field needs to be configured in the Report Configuration. The period can also be configured from the Jobs Scheduler by editing the WindowsAuditJob.

For the purposes of the Audit Report, the selected device groups must have the globalUsername and globalPassword properties defined. See also section Device Group Properties. To be able to access the report detail, the user-defined as globalUsername should be a privileged user.



Report Details

When a job finishes, the reports are listed in the Reports tab. To access the report:

  1. Navigate to Audit Report > Windows Audit Report.
  2. Open the Report tab.
  3. Click the Options drop-down menu button and select Show Details.
Windows Audit Report
Windows Audit Report


Report details are shown in the Windows Audit Report Details section:

Windows Audit Report Details
Windows Audit Report Details


Dashboard

  1. Navigate to Audit Report > Windows Audit Report.
  2. Open the Dashboard tab.
  3. Choose the desired fields and click the Display Reports button.
Windows Audit Report Dashboard
Windows Audit Report Dashboard