The Compliance Auditor main page lists the records (events) collected according to defined audit rules.
By default, all new and pending events are displayed, as indicated in the Status column. To view authorized and unauthorized events, select the appropriate check boxes and click the refresh icon. Pending events are events that have been viewed and their records edited, but they have not been classified as authorized or unauthorized. You can click any of the column headings to sort by that column.
To view events for a specific time period, select the From and To check boxes, select the required dates, specify the required times, and click Refresh.
The table displays the following information about each event:
|
Column |
Description |
|---|---|
|
Risk |
The color-coded indicators for Command Control command risk level and rule risk level, ranging from green (low) to red (high). For more information, see Setting the Command Risk. |
|
Level |
The escalation level set by the auditor editing the event record. |
|
Status |
The status of the event, indicating whether an auditor has classified the event as authorized or unauthorized. New events have not been viewed. Pending events have been viewed and edited, but have not been marked as authorized or unauthorized. |
|
Time |
The date and time the event occurred. |
|
Event |
A description of what the record contains. |
|
Note |
Any notes made by the auditor when editing the event record. |
|
Assigned |
The user the event has been assigned to by the auditor of the event record. |
|
Rule |
The audit rule that is pulled in the event. |
|
Type |
The type of event. |
|
Size |
The size of the keystroke capture with the total time of the session displayed between parentheses. |
|
Event ID |
The unique event ID. |
From this page, you can perform the following tasks: