Help Center

Third-party software Contact us

Custom reports

All DataSecurity Plus technicians can create custom reports. This feature allows them to:

  • Define a template for popular reporting use cases in their organization.
  • Create special reports for an entity or situation that is not available in the default audit reports.

You can create personalized reports for a particular user, file share, set of actions, or any combination of the filters available in DataSecurity Plus.

Custom reports are different from audit profiles in that they use the raw data collected by the audit profiles and present them to the user in a desired format. Custom reports do not collect new audit details. With custom reports, you essentially apply filters to existing report data and save the filtered configuration as a new report.

Follow the steps below to view the custom report configurations:

  • Select File Audit from the application drop-down.
  • Go to Configuration > General Settings > Custom Reports.
  • Here, you will see the Global Reports and Server-Specific Reports tabs.
    • Global Reports: This lists the custom audit reports that are applied to all configured servers. These reports will list details of file activities across the selected servers.
    • Server-Specific Reports: In this tab, select a server in the corresponding field to view all the custom report configurations applied in that server, both globally and locally.

Creating and editing reports

A) Global reports

Upon installation, DataSecurity Plus will have nine default global reports, either for one specific file access type or a combination of access types. These will include audit data from every configured file server.

For more information on these default global reports, see Access Audit reports.

Creating custom global reports

To create a custom global report:

  • Select File Audit from the application drop-down.
  • Go to Configuration > General Settings > Custom Reports.
  • Click Add Global Report in the top-right corner.
  • Enter a suitable name and description for the new report.
  • In the Report visibility section, you can choose one of two options:
    • Owner only: This will ensure that the new report will be private to the technician who created the custom report. It will not be visible to other users.
    • All users: This option allows the report to be visible to all DataSecurity Plus technicians.
  • Under Criteria, use the available filters to choose which entities will be reported on. There is an extensive list of filters that can be applied. Click + to add more than one filter and x to delete a filter.
  • For example, to monitor users creating media or other non-business files in enterprise file storage, the global custom report's criteria must be set as:

    User Object = In = ALL

    Action = In = Create

    File Type = In = Image Files, Other File Types, Audio Files

    Another common use case is to report on users' failed attempts to access files during non-business hours. For this, set the criteria as:

    User Object = In = ALL

    Action = In = Read Deny, Delete Deny, Write Deny

    Business Hour = Equals = Non-Business

  • Click Save, then click OK to close the confirmation pop-up.

The new report can now be viewed under Access Audit > Custom Global Reports.

Editing custom global reports

Default global reports cannot be edited. However, custom-created global reports can be edited by the user who created the view. To edit a global report:

  • Select File Audit from the application drop-down.
  • Go to Configuration > General Settings > Custom Reports.
  • From the Custom Global Audit Reports table, select the edit icon next to the report you wish to edit.
  • Change the required details, update the required criteria, and click Save.
  • Click OK.

Server-specific reports

When earlier installations (prior to build 6060) are updated to the latest build, existing custom reports will be moved to the Server-Specific Reports tab.

Creating custom server-specific reports

To create a custom server-specific report:

  • Select File Audit from the application drop-down.
  • Go to Configuration > General Settings > Custom Reports.
  • Click the Server-Specific Reports tab, then click Add Server Report in the top-right area the table.
  • Enter a suitable name and description for the new report.
  • In the Report visibility section, you can choose one of two options
    • Owner only: This will ensure that the new report will be private to the technician who created the custom report. It will not be visible to other users.
    • All users: This option allows reports to be visible to all DataSecurity Plus technicians.
  • Under Criteria, use the available filters to choose which entities will be reported on. There is an extensive list of filters that can be applied. Click + to add more than one filter and x to delete a filter.
  • For example, to spot users accessing a folder that contains the CEO's high-level files during non-business hours, the custom report's criteria must be set as:

    User Object = In = ALL

    Share Path = Starts with = \\FS01\CriticalData\CEO

    Action = In = ALL

    Business Hour = Equals = Non-Business

    In case you want to report on only failed attempts to access the same critical folder, the custom report's criteria must be set as:

    User Object = In = ALL

    Share Path = Starts with = \\FS01\CriticalData\CEO

    Action = In = Read Deny, Write Deny, Delete Deny

    Another common use case is to view folders that have been deleted or renamed in the last six months on a particular server, set the custom server-specific report's criteria as follows:

    Action = In = Delete and Rename

    User Object = In = ALL

    Time Generated = Within = 6 = Month(s)

  • Click Save, then click OK to close the confirmation pop-up.

The new report can now be viewed under Access Audit > Custom Server Reports.

Editing custom server-specific reports

To edit a custom server-specific report:

  • Select File Audit from the application drop-down.
  • Go to Configuration > General Settings > Custom Reports.
  • Click the Server-Specific Reports tab.
  • From the table, select the edit icon next to the report you wish to edit.
  • Change the required details, update the required criteria, and click Save.
  • Click OK.
Tip:

If you want to send out weekly reports to stakeholders on all the read events made on a particular server in that week, you can create a custom report with the below criteria and schedule the report delivery.

  • Audit Configuration:
    Include: Action = In = Read

To create a schedule for these reports, follow the steps on the Schedule reports help page.

Deleting and disabling reports

To delete a report:

  • Select File Audit from the application drop-down.
  • Go to Configuration > General Settings > Custom Reports.
  • If you want to delete a server-specific report, select that server in the Server-Specific Reports tab. Otherwise, skip this step.
  • From the table, check the boxes next to the report(s) you wish to delete.
  • Click the delete icon at the top of the table.
  • Click OK to confirm the action.

The deleted report(s) will be removed from the Access Audit console.

Alternatively, you can also choose to disable a report temporarily by selecting the report from the table and clicking the disable icon.

Don't see what you're looking for?

  • Visit our community

    Post your questions in the forum.

     
  • Request additional resources

    Send us your requirements.