Account activity report
Constant provisioning and de-provisioning activities can leave your organization open to security breaches and data leakage. Identifying the resource activity of accounts is essential to determining where access should be removed. This report shows you all the activity for a particular account (for example file reads, writes, and creates) against specific managed hosts.
|
|
Note: This report does not include activity from NFS host types. |
|
|
NOTE: This report requires that resource activity collection be enabled on local managed hosts (Windows computers), SharePoint managed hosts, or remote agents used to scan supported NAS devices. Resource activity collection (and therefore, this report) is NOT available for the following host types:
|
|
|
Note: This report displays resource activity using UTC, not your local time zone. |
Managers can view the activities of any user under their management; Compliance officers and administrators can see activity across the enterprise.
This report helps to identify activities that are outside the scope of an account’s roles so that you can take steps to secure the resources.
Resource activity report
Network resources can be accessed frequently by many users over time. Recording and reporting on this activity can help you determine patterns of usage (who uses what resources regularly) and helps to spot atypical behavior (for example, someone who is reading documents they should not have access to). This report provides a list of activities recorded over a period of time to verify proper resource usage and make decisions on removing access for particular accounts. This report can also suggest possible business owners for orphaned data based on activity.
|
|
NOTE: This report requires that resource activity collection be enabled on local managed hosts (Windows computers), SharePoint managed hosts, or remote agents used to scan supported NAS devices. Resource activity collection (and therefore, this report) is NOT available for the following host types:
|
|
|
Note: This report displays resource activity using UTC, not your local time zone. |
Business owners can run this report for the resources they own; Compliance officers and administrators can run it to view activity across the entire enterprise.
The report helps to answer questions such as: “What changes have been made to sensitive data by the help desk in the last two weeks and is this appropriate?”
Use the following parameters to define the contents of the Resource activity report.
| Parameter | Description | ||||
|---|---|---|---|---|---|
| Time Range |
Specify the time range to report on.
| ||||
| Excluded Accounts |
Optionally select the users, groups or built-in security principals to be excluded from the report.
| ||||
| Activity Exclusions |
Optionally specify the activities to be excluded from the report:
|
Interesting resources without owner report
Interesting resources without an owner report
This report highlights resources that have a high level of activity but do not have an owner. The report includes the perceived owner for resources.
|
|
NOTE: This report requires that resource activity collection be enabled on local managed hosts (Windows computers), SharePoint managed hosts, or remote agents used to scan supported NAS devices. Resource activity collection (and therefore, this report) is NOT available for the following host types:
|
Compliance officers and administrators can run this report for the entire enterprise to identify resources that should be placed under governance and have an owner assigned. For details on assigning business owners, see Managing business ownership for a resource.
Use the following parameters to define the contents of the report.
| Parameter | Description |
|---|---|
| Start Date | Select this check box and enter the starting date for the report. |
| End Date | Select this check box and enter the ending date for the report. |
| Excluded accounts | No objects are selected by default. Click the Change link to specify the accounts to be excluded from the report. |
| Number of Interesting Resources | Indicates the maximum number of resources to be included in the report. If set to 0 (default), then all 'interesting' resources are included. |
Data ownership over time report
This report helps you to identify how data ownership has changed over time for better control over data access.
The report only displays single ownership until One Identity Manager is configured to record data changes. Once these parameters have been enabled, the report displays a complete list of when ownership has changed.
For more information on the configuration parameters that must be enabled, see Logging Data Changes in the One Identity Manager Configuration Guide.
Use the following parameters to define the interval for the report.
| Parameters | Description |
|---|---|
| Start Date | Select this check box and enter the starting date for the report. |
| End Date | Select this check box and enter the ending date for the report. |