Previous Topic Next Topic

Application Access Audit Report

The Application Access Audit report provides details of the users who have accessed applications using the SAML and OAuth/OIDC protocols. This information includes the username, the time at which the application was accessed, the hostname, the policy to which the user belongs, the application that was accessed, the type of authentication used, the flow that was initiated, the number of attempts, and the status.

Report generation

1. Log into the ADSelfService Plus admin portal and navigate to Reports > Audit Reports> Application Access Audit Report.
2. Choose the domain for which you wish to see the list of users who have accessed applications. You can also choose the Add OUs option to specify OUs if necessary.
3. The Period drop-down menu can be used to filter results by specifying the time period. Options include Today, Yesterday, Last 7 days, Last 30 days, This month and Custom Period.
4. Click Generate to generate the report.

Report customization

• Adding or removing columns: To add or remove columns, click on the Add/Remove Columns [ ] option at the far right of the report. In the Select the columns to be displayed pop-up that appears, select the required fields under Available Columns and click on the right arrow (>>) to move it to the Selected Columns. To remove columns, select the unused fields under Selected Columns and click on the left arrow (<<) to move it to Available Columns.
• Ordering the columns: The columns' positions can also be altered by selecting a value under Selected Columns and using the Up and Down options to change its position.

Advanced Filtering

Once the report is generated, the entries can be narrowed-down based on the following parameters by clicking on the Advanced Filter [ ] icon at the far right of the report.

• User Name: This option lets you display report entries for specific users. The sub-options available under User Name are Contains, Does Not Contain, Is, Is Not, Starts With, and Ends With.
• Policy Name: This option lets you display report entries for specific policy. The sub-options available under Policy Name are Contains, Does Not Contain, Is, Is Not, Starts With, and Ends With.
• Application Name: This option lets you display all report entries for specific applications. The sub-options under Application Name are Contains, Does Not Contain, Is, Is Not, Starts With, and Ends With.
• Authentication Type: This option lets you narrow-down entries by the type of authentication used. The sub-options under Authentication Type are SAML and OAuth/OpenID Connect.
• Initiated Flow: Use this option to narrow-down entries by whether the SSO login attempt was IdP-initiated or SP-initiated.
• Status: Use this option to narrow-down entries by whether the SSO login attempt was a Success or a Failure.

Sorting

Click on any of the column headers (except the Status and Initiated Flow columns) to view the report's entries in ascending or descending order.

Searching

• Click the search icon [ ] in order to search for specific data in the UserName, Accessed From, Policy Name, and Application Name columns.
• Searching works with the criteria contains. For instance, if the word jack is searched, then all the usernames containing the sequence jack will be displayed.

Schedule Reports, Export as and More

• The Schedule Reports option can be used to schedule the generation of reports at specified intervals, and automatically email them to administrators or specific email addresses. Learn to schedule reports here.
• The Export As option in the right corner of the page helps export the report in various formats like CSV, CSVDE, HTML, PDF, XLSX and XLS.
• The More option in the right corner of the page lists the Printable View, Send Mail, and Export Settings options.
  • The Printable View option can be used to preview the report.
  • The Send Mail option can be used to mail the report to the desired email addresses.
  • The Export Settings option allows users to customize the description and logo that will be used in the exported report. Also, the admin can opt to retain the logo on all pages of the exported report.

Previous TopicNext Topic