The User Activity Issues report in Secure & Govern enables monitoring and reviewing suspicious activities performed by users. It provides a detailed list of activities based on selected issue types to help quickly identify and investigate potential security threats by focusing on the selected users.
Create a New Report
- Navigate to Secure & Govern -> Reports -> Threat Management -> User Activity Issues.
- Click on New report.
- Enter the details
- Report name: Provide a name to the report being created
- Source: Select the Egnyte source to be used for the report
-
Users/Groups: Choose users/groups for the report as All users/group(s) (default), Selected users/group(s), All deactivated users. The option Selected users/groups allows for searching and selecting specific users and groups
-
Issue Types: Choose issue type(s) as All issue type (default) or selected issue type. Select the desired issue type(s) for the latter
-
Date range: Select the date range from the dropdown. 30 days is the default selection.
- Click on the Create button.
- The newly created report shows up under Reports -> Threat Management -> Users Activity Issues in the pending state. It takes a few seconds to generate the report.
Access a Report
- Navigate to Reports -> Threat Management -> Users Activity Issues and click on a specific report to access it.
- The report opens up with the number of issues included for each of the user or group under the selected categories at the time of report generation.
Click on the report to dive deep into the identified issues, it will contain details such as
- Issue number
- Type
- Updated date
- Severity
- Source
- Status
- Confidence percentage
The report also provides information on the
- IP address
- External users
- Number of public links
- Topmost affected folders
- Total suspicious logins
- Successful suspicious logins
- Unsuccessful suspicious logins
- Unused groups
- Empty groups
- Open groups
Export a Report
The user activity issues report can be exported to the user’s machine in a .xlsx format.
- Navigate to Reports -> Threat Management -> User Activity Issues and select the three dots menu for the report to export and click on Export. This will export the full report.
- Alternatively, access the report at the count level or at the issues level and choose to export the current view or full report. The report will be exported as per the selected option.
Delete a Report
- Navigate to Reports -> Threat Management -> User Activity Issues and select the three dots menu for the specific report to delete. Click on Delete.
- Click on Delete to confirm.