Rule Deployment Report
This report tracks the overall usage of privilege Elevation rules across a domain. The report lists each rule, showing how many clients it has been deployed to and how many times it is used.
Each record about a deployed rule contains these details:
Instant Elevation Report
This report allows you to track Instant Elevation activity during a period of time on managed client computers. With this report, you can see when users have been granted Instant Elevation privileges and on which computers.
Each privilege Elevation event reported contains these details:
-
Type: The privilege Elevation rule type.
-
Elevated Item: The path to the elevated application or command with the argument (if any).
-
Rule Name: The privilege Elevation rule name.
-
Rule GUID: The privilege Elevation rule globally unique identifier (GUID).
-
User (Domain\Name\OU): The user, domain name, and OU.
-
Computer (Domain\Name\OU\Class\OS): The computer, domain name, OU, class, and OS.
-
Elevation Time: The time of the privilege Elevation on the client computer.
To learn how to create this type of report and manage the data, see Generating and using reports.
Temporary Session Elevation Request Report
Reporting > Temporary Session Elevation Request Report
This report allows you to track Temporary Session Elevation passcode requests from managed client computers. With this report, you can see when a passcode has been generated based on a request, if the request was denied, or if the request is still pending review.
The Temporary Session Elevation Request report contains these details:
-
User (Domain\Name): The user that used the passcode on their machine.
-
Action: The state of the Elevation request. This can be:
-
Processed Date: The date the administrator responded to the request.
-
Reason: The reason given for the Elevation request.
-
Maximum Allowed Usage: The number of times the passcode can be used before expiring.
-
Duration: The amount of time the passcode remains active for when used.
-
Computer (Domain\Name): The computer that the passcode is requested from.
-
Request Sent: The date and time the user submits the request for a passcode.
To learn how to create this type of report and manage the data, see Generating and using reports.
Temporary Session Elevation Usage Report
Reporting > Temporary Session Elevation Usage Report
This report allows you to track Temporary Session Elevation activity during a period of time on managed client computers. With this report, you can see when users are granted temporary Instant Elevation privileges using passcodes, on which computers, and also which specific applications were elevated.
The Temporary Session Elevation Usage report contains these details:
-
User (Domain\Name): The user that used the passcode on their machine.
-
Maximum Allowed Usage: The number of times the passcode can be used before expiring.
-
Remaining Usage: The number of times that are left to use this passcode.
-
Usage Count: The number of times this passcode is used so far.
-
Elevated Item: The application that was run in an elevated state.
-
Computer (Domain\Name): The computer that the passcode was used on.
-
Time Elevated: The date and time the Elevation occurred.
-
Passcode ID: The exact passcode provided by the administrator.
