Find the desired product help

Activity Report

 


The report for the activities generated here for the computer groups depends on the settings configured in the log filter section of the computer group properties dialog. The available activities are:

  • App Start – Indicates a secure application is started
  • Exit Application – Indicates a secure application is closed
  • Network Changed – Indicates the endpoint IP address changed to another subnet.
  • Switch In – Indicates the switching in from Windows desktop to the CSB environment
  • Switch Out – Indicates the switching out from CSB environment to Windows desktop
  • Install – The CSB was installed
  • Uninstall – The CSB was uninstalled
  • Upgrade – The CSB is updated to the latest version
  • Integrity Check Failed – Indicates the failure of integrity check when a secure app was launched. When a secure app is started, CSB will check the secure environment and will produce a log if the check fails.
The logs for the selected activities will be received by the management console and saved into database. Reports can be generated for different time periods and the data will be fetched from the database. Report data will be empty if an activity log was disabled in log filter for the selected report generation period. For example, if you had disabled 'Network Changed' last week, no data for this activity will be available in the generated report for the period last week. However, data will available in the generated reports for other time periods when the activity log was in enabled status.

To view the activity report, click 'Reports' on the left and then 'Activity Report' below it:



Activity Report – Table of Column Description

Column

Description

Date

The date and time of activity on the endpoint

Group

The computer group to which the endpoint belongs. Refer to the section 'Managing Endpoint Groups' for more details.

Computer

The name of the endpoint that was detected by CSB on enrollment. Refer to the section 'Enrolling Endpoints for Management' for more details.

Endpoint

The ID for the endpoint assigned by CSB on enrollment.

Secure App

The name of the secure application for which the activity is recorded.

SecureBox Version

The details of the CSB version that is installed on the endpoints.

OS Version

The details of the endpoint's operating system

Installation Date

The date and time when the CSB was installed on the endpoints

Action

The name of the activity that was recorded on the enrolled endpoints:

  • AppStart – Indicates a secure application is started
  • ExitApplication – Indicates a secure application is closed
     
  • Network Changed – Indicates the endpoint IP address changed to another subnet.
  • SwitchIn – Indicates the switching in from Windows desktop to the CSB environment
  • SwitchOut – Indicates the switching out from CSB environment to Windows desktop
  • Install – The CSB was installed
  • Uninstall – The CSB was uninstalled
  • Upgrade – The CSB is updated to the latest version
  • Integrity Check Failed – Indicates the failure of integrity check when a secure app was launched. When a secure app is started, CSB will check the secure environment and will produce a log if the check fails. For configuring the activity email notifications, the name of the activity should be provided in the 'Action' column in the 'Preferences' interface > 'Activity Notifications' > 'Add New' button. Refer to the section 'Configuring the Management Console' for more details.
 SHA 1
 The SHA1 value of the secure application.

Sorting, filtering and searching options


Sorting the entries


Clicking any column heading sorts the entries based on the ascending/descending order of the entries as per the information displayed in the respective column.


Using the filter option


The activity report can be filtered using the date range and can be further filtered by providing the 'From' and 'To' dates.  Please note the availability of past reports (up to one year) depends on the settings configured in 'Report Settings' from the 'Preferences' screen.

  • Click the 'Date Range' drop-down box.




By default, 'Week' will be selected for the date range and the dates in the 'From' and 'To' will be for the last 7 days and the results displayed.

  • To refine the search further, provide the 'From' and 'To' dates by clicking on the combo boxes and selecting the dates from the calendar.




The results will be displayed per the dates and the date range selected. For example, if the selected date range is 'Week', the results will be displayed for 7 days or less according to the dates selected.


To export the report

CMC allows administrators to save the generated threat report to your system.
  • Click the 'Export' button (currently only .xls format is supported)



You can choose to save the file or open with any spreadsheet application.



  • Click 'OK'
The file will be saved in your default download location.

Using the search option
  • Enter the search details of items under any of the columns in the box fully or partially.
The search will begin automatically and results displayed.