Reports help you analyze events to assess your compliance regulatory requirements, security best practices, and corporate IT policies. You can use reports to demonstrate compliance and manage information security risk.
Reports emphasize the event data and help you analyze events such as user account visibility, detection of possible security violations, account compromises, network security problems, and any other undesired activities. By analyzing reports, you can configure appropriate correlation rules and actions to prevent any possible non-compliance activities and vulnerabilities.
Consider a scenario where you have an IT policy that states to remove access rights of all employees to information and information processing facilities upon termination of their employment. To view all deleted, and disabled user accounts, and revoked accesses, you can run a report that displays the desired information in a few clicks. You can also schedule the report to run periodically at specific intervals.
You can generate various types of Change Guardian reports for administration and auditing purposes.
The Administration Console includes a report for policy events. When you run the report, you can accept or customize the default options, including:
The frequency you want to run the report
The name for the report
A date range for events
A specific event type
A specific policy
View all events, only managed events, or only unmanaged events
View all change events, only successful change attempts, or only failed change attempts
View events of a specified severity range
Send the report to a specified email address
This chapter provides information about the following: