Auditing Report Configuration

ObserveIT enables you to generate reports that provide summary audit log information about user logins, sessions, and saved sessions, in which console users were active on monitored Windows, Mac, or Unix-based endpoints. For example, if an Agent's recording was turned off or changes were made in a Recording Policy configuration, you can report on exactly who did this, and when it happened. These reports are valuable for security auditing and change management.

This topic describes the metadata that you can select to be included in reports based on audit log information (see Report Types). These reports can be generated for Windows, Mac, or Unix-based endpoints.

For detailed instructions on the steps required to create a report, see Creating a Custom Report.

You can generate reports on the following types of information:

  • Audit Logins: Logins to the Web console

  • Audit Sessions: Recorded sessions playback

  • Audit Saved Sessions: Recorded sessions that were exported

Audit Logins

To create a report on Audit Logins, you can select the following fields to be displayed as columns in the report:

Type Column Description

Audit Logins

Status

Login was successful or failed

Description

Description of the login (if relevant)

Login Date

Date of the login

Login Date Time

Time of the login date

Login Time

Time of the login

Audit User Name

Console user that accessed the Web Console

Audit Domain Name

Domain name (if the Console user is configured with an external Active Directory or LDAP domain)

Client

Client IP address used to log in to the Web Console

Audit Sessions

When creating an Audit Sessions type report, you can specify types of columns for:

Type Column Description

Audit Sessions

Accessed Date

Date and time the audit entry was created

Operator Name

Console User that logged in to the Web Console

Audit Time

The time that the audit entry was created (that is, when the user opened the Video player for the session)

Operator Domain Name

Domain name (if the Console user is configured with an external Active Directory or LDAP domain)

Client

Client IP address used to log on to the Web Console

Audit Date

Date that the audit entry was created.

Audit Saved Sessions

When creating aAudit Saved Sessions type report, you can specify types of columns for:

Type Column Description

Audit Saved Sessions

Action Time

Date and time that the audit session was saved

Session Name

Name of the saved audit session

Requested Slides

Specified slides to be included in the saved session

Audit Domain Name

Domain name (if the Console user is configured with an external Active Directory or LDAP domain)

Audit User Name

Console user that accessed the Web Console

Total Slides

Actual number of slides in the saved session

Action Type

Audit action that was detected - Download or Delete

See also