Chat now with support
Chat with Support

InTrust 11.3 - InTrust Reports

Reports_ACS

Reports for ACS

This section contains a list of reports intended for viewing via Microsoft System Center Operations Manager console; they are based on data from Windows security log collected using Audit Collection Services (ACS) and then stored to InTrust Audit database for analysis and reporting.

The special 'InTrust for ACS management pack deployment status' report displays the status of Quest InTrust for ACS Management Pack deployment to Operations Manager agents.

Reports for Operations Manager Console

Computer accounts changes

This InTrust report shows computer accounts changes. Computer accounts should be created, deleted, renamed, or changed by administrative accounts only. If the administrator fails to duly perform computer account management tasks, this may lead to security violations.

Domain Trusts Changes

This InTrust report shows domain trust changes. Domain trusts should be added, removed, or modified by administrative accounts only. If the administrator does not duly perform domain trust management tasks, this may lead to security violations.

File Access

This InTrust report shows file access attempts. Access to certain files may be unwarranted.

Group Management

This InTrust report shows group changes. Groups should be created, deleted, or changed by administrators. If the administrator fails to duly perform group management tasks, this may lead to user rights misrule and security violations.

Group Policy Object access

This InTrust report shows Group Policy objects access attempts. Access to this type of objects may be unwarranted. Such events often indicate changes to the policies, and they need to be tracked. Note This report is based on object access events from the Security log.

InTrust for ACS management pack deployment status

This report displays the status of Quest InTrust for ACS Management Pack deployment to Operations Manager agents (ACS-forwarders). The Management Pack provides for complementing ACS database records with the information required to comply with InTrust repository and Audit database format.

Logon activity trends

This InTrust chart graphically represents logon activity in your network, visualizing, for example, statistics for logons that failed due to different reasons (for example, bad password, disabled user account, etc.). The chart allows you to detect trends in logon activity and analyze anomalies.

Logon Statistics

In the Windows environment different logon types are registered by the system depending on what kind of resource a user accesses. This InTrust report shows all logon types such as interactive logons to domains, access to shared folders, dial-up connections to the network, and so on, and groups logon statistics.

Password resets

This InTrust report shows when account passwords were reset and who reset them. An entry in the report means that the password was either reset or changed. By default, only user accounts are included, but you can use the User Accounts filter if you want to include computer accounts as well.

User Accounts Management

This InTrust report shows changes to user accounts. User accounts should be created, deleted, enabled, or disabled by administrators. If the administrator fails to duly perform account management tasks, this may lead to account misrule and even security violations.

User rights management

This InTrust report shows changes to user rights. User rights should be assigned or removed by administrators. If the administrator fails to duly perform user rights management tasks, this may lead to user rights misrule and security violations.

Reports_ARS

Report Pack for Active Roles Server

This section contains a list of reports included in the InTrust 11.3 Report Pack for Active Roles Server.

Active Directory Management Bypassing ARS

Account management performed outside ARS (Security Log)

Jap This InTrust report shows changes to Active Directory accounts (users, computers and groups) that were performed with administrative tools other than ARS. Use it if the managed domain accounts reserved for the ARS service can be used by other applications or personnel. To detect account management activity outside ARS, the report checks both Security log events and ARS Server log events. If an event in the Security log has no matching event in the EDM Server log, this event is included in the report.

All activity within and outside of Active Roles Server

This InTrust Plug-in for Active Directory report shows a consolidated trail of Active Directory changes made both with ARS and with native Active Directory management tools bypassing ARS.

AD_ Management using ARS

Active Directory Management using ARS

Deprovisioning of User Accounts

This InTrust report contains the history of Active Directory user account that were deprovisioned during the specified period of time.

Directory object management

For Active Roles Server this InTrust report shows all activity of particular users that has to do with Active Directory object management. The report helps check whether administrative activity complies with the corporate policy.

Directory object management summary by Initiator

For Active Roles Server this InTrust chart shows the proportion of particular users activity that has to do with Active Directory object management. The chart helps check whether administrative activity complies with the corporate policy.

Group Management by Initiator

This report shows group changes. Groups should be created, deleted, or changed by delegated administrators.

Group Membership Management by Initiator

This report shows group membership changes. User accounts should be added to or removed from groups by delegated administrators.

User Accounts Management

This report shows changes to user accounts. User accounts should be created, deleted, enabled, or disabled by delegated administrators.

User attribute management

For Active Roles Server this InTrust report shows all changes to user account attributes in chronological order. It indicates the changed attributes, who changed them, when and how they were changed. The report provides both the old and the new values of changed attributes. Using the report, you can easily find out who changed or reset user passwords within a given time period reflected in the ARS Server log.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating