Symantec Security Expressions Server manual Scheduled Audits Log Report

Page 91

View Audit Results

Open or closed range beginning on a specific day - Includes in the report a range of connection activity starting on a specific date. You may specify an end for the date range or let the report display all activity available after the starting date.

Relative range from the current date - Includes in the report a range of connection activity prior to the day the report ran. Enter how many days, hours and minutes worth of prior data you want to display in the report.

8.Select Most Recent Audit to show the most recent audit only and remove duplicate

data.

9.Click Save to save this report profile.

Editing Audit Report Results Profiles

To edit the Audit Report Results Profile, click the Edit hyperlink and modify the settings established during the report profile creation.

Deleting Audit Report Results Profiles

To delete an Audit Report Results Profile:

1.Click the Edit hyperlink on the Browse Audit Results table to select the report profile to remove.

2.When you delete a report profile, you remove it from the database. A warning appears to remind you that you are about to this particular report profile from the database. Cancel the action or delete the record.

Scheduled Audits Log Report

The Scheduled Audits Log Report displays schedule errors as they were written to the Windows error log.

Adding Custom Reports to the Server Application

You can use reports created using Crystal Reports Designer in the server application if you add them to the server application in a new audit-results report profile.

You can only create reports if you have a full copy of Crystal Reports purchased and installed on the computer where the server application is installed. Contact customer support for advice

on which version to obtain.

To add a custom report to the server application:

1.Create the report in Crystal Reports Designer, making sure to use the ScanStats table or any existing view whose name begins with "tempquery_."

You must use either the ScanStats table or an existing view whose name begins with "tempquery_" for the report to work properly within the server application.

2.Copy the report to C:\Program Files\Altiris\Security Management\SecurityExpressions\seserver\reporting\crystal\. This path is different if you didn't install the server application in the default location.

3.In the Browse Audit Results page, create a new audit-results report profile, selecting Crystal Report as the report type.

83

Page 90 Page 92
Image 91
Page 90 Page 92
Contents SecurityExpressions Server User Guide Page Table Of Contents Page Table Of Contents Page Vii Page Contacting Us Page Contacting Technical Support Technical SupportPage SecurityExpressions Console Other ProductsPage About SecurityExpressions Audit & Compliance Server OverviewPage How to Audit your Local Computer Self-Service AuditWhat is Self-Service Auditing? Self-Service Audit AgreementDisplays on the page. No detailed audit results appear Pages with Role Settings Configure ServersAbout Server Configuration Local Server SettingsViewing Audit Results SetupDatabase Connection Windows 2000 Servers Secure ConnectionCredential Store User Click OK on the Default Web Site Properties windowCreating Credential Stores Site Preferences Enable Web ServicesSecurityExpressions Console Credential Stores Software RegistrationAccess Item Rights Global Machine List Access User RolesLibrary Synchronization Policy File LibraryCheck the Synchronize with a policy file library box How System Scores are Calculated About Policy FilesDefault method for remote execution on Windows Agent & Service ConfigurationTarget Options SSH Agent Authentication Database Cleanup Add Task Update TaskCancel PoliciesSite Preferences Agent DownloadsClick Use the Following Agreement Allow Remediation Page Policies Table What is Audit-on-Connect?Audit-On-Connect PoliciesPage Adding Policies Editing Policies Deleting Policies Configuring with Run-Time Policy VariablesPage Scopes ScopesAdd a New Scope Page Edit a Scope Scopes Table Supported Operators Deleting ScopesDNS Domain Name Scopes Expression ScopesOrg Unit Scopes Supported FunctionsDetection Method Scopes Notifications Editing Notifications Creating New Command NotificationsCreating New Email Notifications Click Add NewClick Add New Creating New Command Notifications Notification Variables Deleting NotificationsAdding Exceptions ExceptionsExceptions Exceptions Table Column DescriptionConnection Monitors Specify Password and Encrypted PasswordConnection Monitors Deleting ExceptionsRemove Configuring Connection MonitorsEnabling Connection Monitors IP Range Section Connection Monitor Configuration FileOptions DefaultConfiguration File Syntax Processing the Configuration FileActive Directory Active Directory Connection Monitor only Slow Links NetworkInitial Token Trace Route InformationNetwork Admissions Control Unmanaged SystemsRedirection Web HealthyQuarantined/Unknown Reaudit if quarantinedRedirection Web Page Behavior Audit on Connect TracingAudit on Connect Tracing Page Page Audit-On-Schedule What is Audit-on-Schedule?Page Adding Policies Editing Policies Deleting Policies Page Notifications Click Add New Click Add New Deleting Notifications My Machine Lists My Machine ListsEditing Machine Lists Adding Machine ListsScheduled Tasks Scheduled TasksDeleting Machine Lists Editing Global Machine ListsAdding Scheduled Tasks Basic SettingsSchedule Settings Hosts Not Connected Settings Credentials Settings Other Options SettingsEditing Scheduled Tasks Windows Group AccessSchedule Settings Notifications Other Options Settings Deleting Scheduled Tasks Page Adding a New Audit-On-Connect Report Profile View Audit-On-Connect ActivityBrowse Audit-On-Connect Activity Audit-On-Connect Activity Table Column DescriptionDeleting Report Profiles Editing Report ProfilesAudit-On-Connect Exceptions Report Audit-On-Connect Error Log ReportPage Browse Audit Results View Audit ResultsAdding a New Audit Results Report Profile Page Deleting Audit Report Results Profiles Scheduled Audits Log ReportAdding Custom Reports to the Server Application Editing Audit Report Results ProfilesPage Glossary Page Index ConfigureIP address 33, 44, 45 Rule weights
Top Page Image Contents