Help Document

Log360Cloud Reports

Log360Cloud offers 1000+ out-of-the-box reports and also the capability to create custom reports as per your requirements. These reports can help review the key security events happening in your network and also meet compliance requirements.

The reports can be accessed from the Reports tab of the UI. The events shown in the reports can be drilled down to the raw logs and filtered based on various log fields.

Available Reports:

Note: Some AD reports include object filter that can be used to filter data based on the domain objects.

Available reports

 

Reports Module Report category Available reports
Devices Windows
  • Windows Events
  • Windows Severity Reports
  • Windows Critical Reports
  • Windows Logon Reports
  • Windows System Events
  • Threat Detection
  • Removable Disk Auditing
  • Network Policy Server
  • Registry Changes
  • Windows Backup and Restore
  • Application Crashes
  • Windows Firewall Auditing
  • DNS Server
  • AD DNS Server
  • Network Share
  • File Monitoring
  • Trust Relationships Changes
  • Domain Controller Logon Reports
  • Policy Changes
  • Group Management
  • User Account Management
  • Process Tracking
  • Windows Logoff Reports
  • Windows Failed Logon Reports
  • Threat Detection From Antivirus
  • Infrastructure Reports
  • Windows Important Events
  • Hyper-V Server Events
  • Windows Firewall Threats
  • Application Whitelisting
  • Program Inventory
  • Domain Events
  • Hyper-V VM Management
  • User activity
Devices Active Directory
  • User Logon Reports
  • Local Logon-Logoff
  • Account Management
  • User Management
  • Group Management
  • Computer Management
  • Permission Changes
  • Configuration Auditing
  • DNS Changes
  • AzureAD Password Protection
  • Domain Object Changes
  • LAPS Audit
  • OU Management
  • GPO Management
  • Other AD Object Changes
Devices Unix
  • Unix Events
  • Unix Logon Reports
  • Unix Logoff Reports
  • Unix Failed Logon Reports
  • Unix User Account Management
  • Unix Removable Disk Auditing
  • SUDO Commands
  • Unix Mail Server Reports
  • Unix Threats
  • Unix NFS Events
  • Unix Other Events
  • Unix FTP Server Reports
  • Unix System Events
  • Unix Severity Reports
  • Unix Critical Reports
Devices Network devices

Predefined reports for Arista, Barracuda, Check Point, Cisco, F5, Fortinet, FirePower, H3C, Huawei, Juniper, Meraki, NetScreen, pfSense, Palo Alto, SonicWall, Sophos, WatchGuard devices, Dell, Forcepoint and StormShield.

  • All Events
  • Important Events
  • Router Logon Report
  • Router Configuration Report
  • Router Accepted Connections
  • Denied Connections
  • Router Traffic Report by Protocol
  • Router/Switch System Events
  • Router Traffic Errors
  • IDS/IPS Activity
  • Firewall Threats
  • Firewall Traffic Reports
  • Denied Connections
  • Common Reports
  • Firewall Logon Reports
  • Firewall Account Management
  • Firewall VPN Logon Reports
  • Firewall VPN Users Reports
  • VPN Connection Status Report
  • Network Device Severity Reports
  • Network Device Risk Reports
  • Firewall Website Traffic Reports
Devices VM Management

Predefined reports for ESXi

  • Hypervisor Events
  • VMWare Logons/Logoff
  • VMWare System Events
  • VMWare Server Events
Cloud Sources AWS
  • User Login Activity
  • Failed/Unauthorized Activity
  • IAM Activity
  • User Activity
  • Network Security Groups
  • VPC Activity
  • S3 Bucket Activity Reports
  • WAF Reports
  • Security Token Service
  • AWS Config Reports
  • EC2 Reports
  • Amazon Auto Scaling Reports
  • Amazon ELB Reports
  • RDS Reports
  • Route 53
  • S3 File Changes Audit
  • S3 Traffic Analysis Reports
  • Classic LoadBalancer Reports
  • Application LoadBalancer Reports
  • Network LoadBalancer Report
Microsoft 365
  • Microsoft 365 Overview
  • Exchange online
  • Azure AD
  • Microsoft Teams
  • OneDrive Online
  • Sharepoint Online
General Applications SQL Server
  • SQL Server Events
  • DDL Auditing Report
  • DML Auditing Report
  • Logon/Logout Events
  • Failed Logon Events
  • Startup Shutdown Events
  • Server Principal Changes
  • Database Principal Changes
  • Password Changes
  • Audit Changes
  • Backup and Restore Events
  • Security Reports
  • System Events
  • Permission Denied Report
  • Integrity Report
  • Authority Changes
  • Trace Changes
Oracle
  • Oracle Events
  • Auditing Account Management
  • Auditing Report
  • Auditing Server Report
  • Security Reports
Terminal
  • Terminal Server Events
  • Terminal Server Gateway Logons
  • Terminal Server Gateway Communications
  • Terminal Server Gateway Top Reports
Sysmon
  • Sysmon Events
  • Process Audit Report
  • Registry Audit Report
  • File Audit Report
  • Library And Drivers Report
  • Network Audit Report
  • WMI Audit Report
  • Configuration Report
Exchange Reporter Plus
  • Exchange Events
  • Mailbox Audit Logging
  • Admin Audit Logging
  • Mailbox Import Export Changes
  • Folder Access Permission Changes
Security Applications MalwareBytes
  • Malwarebytes Reports
FireEye
  • FireEye Reports
Symantec Endpoint Protection
  • Symantec Reports
Symantec DLP
  • Symantec DLP Reports
CEF Format
  • CEF Format Reports
McAfee
  • McAfee Events
  • McAfee Threat Reports
  • McAfee Virus Reports
Trend Micro
  • Trend Micro Events
  • Logon Reports
  • Policy Management
  • User Account Management
  • Security Reports
Import Supported Log Sources Apache
  • Apache Server Events
  • WebServer Error Reports
  • WebServer Top Reports
  • WebServer Attack Reports
  • WebServer Advanced Reports
DB2 Logs
  • DB2 Events
  • DDL Auditing Report
  • DML Auditing Report
  • Database Connection Auditing
  • Database Server Reports
DHCP Linux
  • DHCP Linux Events
  • DHCP Server Reports
DHCB Windows
  • DHCP Windows Events
  • DHCP Server Reports
IIS W3C Web
  • IIS Web Server Events
  • WebServer Top Reports
  • WebServer Error Reports
  • WebServer Attack Reports
IIS W3C FTP
  • IIS FTP Events
  • FTP Server Reports
MySQL
  • MySQL Events
  • Logon Reports
  • General Statements Reports
  • Database Administrative Statements Reports
  • MySQL Server Events
Postgres
  • PostgreSQL Events
  • DDL Auditing Report
  • DML Auditing Report
  • Logon Reports
  • Auditing Account Management
  • Database Administrative Statements Reports
  • PostgreSQL Server Events
SAP ERP Audit Logs
  • SAP Events
  • Logon Reports
  • User Account Management
  • Configuration Reports
  • Attack Reports
  • System Events
  • Device Severity Reports