Five reports are emailed daily:

  • User Logon Report
  • User Logoff Report
  • Failed User Logons
  • Object Access Report
  • IPS Summary Report (Cisco ASA required)

This email may contain several reports:

- General overview for today and the past three days
- Compliance report : Successful logons for yesterday
- Compliance report : Unsuccessful logons for yesterday
- Compliance report : Logoffs for yesterday
- Compliance report : Object changes for yesterday
- Proprietary report: IDS/IPS messages for yesterday

NOTE: Reports are only created if corresponding data are available

Statistics for group 'Sample Company':

------------------------------------------------------------
Host '66.666.6.255'

=> Total events
Today : 1156
Yesterday : 1282
2 days ago: 1163
3 days ago: 1000

------------------------------------------------------------
Host 'monman.sampleco.com'
=> Yesterday's successful logons (relevant to GLBA, SOX, HIPAA, PCI standards): 3
2008-12-03 06:27:04 su[7354]: Successful for Jim Smith
2008-12-03 06:27:04 su[7356]: Successful for Barb Jones
2008-12-03 06:27:04 su[7358]: Successful su for Ellen Nickols

------------------------------------------------------------
Host '66.666.6.255'
=> Yesterday's IDS/IPS messages (proprietary extension): 731
2008-12-03 01:04:46 %ASA-3-400023: IDS:2150 ICMP fragment from 10.100.7.53 to DNS1 on interface external
2008-12-03 01:04:46 %ASA-3-400023: IDS:2150 ICMP fragment from 10.100.7.53 to DNS1 on interface external
2008-12-03 01:04:46 %ASA-3-400023: IDS:2150 ICMP fragment from 10.100.7.53 to DNS1 on interface external
2008-12-03 01:04:46 %ASA-3-400023: IDS:2150 ICMP fragment from 10.100.7.53 to DNS1 on interface external
2008-12-03 01:04:46 %ASA-3-400023: IDS:2150 ICMP fragment from 10.100.7.53 to DNS1 on interface external
2008-12-03 01:04:46 %ASA-3-400023: IDS:2150 ICMP fragment from 10.100.7.53 to DNS1 on interface external
2008-12-03 01:04:46 %ASA-3-400023: IDS:2150 ICMP fragment from 10.100.7.53 to DNS1 on interface external
2008-12-03 01:04:46 %ASA-3-400023: IDS:2150 ICMP fragment from 10.100.7.53 to DNS1 on interface external
2008-12-03 01:04:46 %ASA-3-400023: IDS:2150 ICMP fragment from 10.100.7.53 to DNS1 on interface external
2008-12-03 02:38:02 %ASA-3-400023: IDS:2150 ICMP fragment from 10.100.7.78 to DNS1 on interface external
2008-12-03 02:38:02 %ASA-3-400023: IDS:2150 ICMP fragment from 10.100.7.78 to DNS1 on

(Not all 731 messages are shown here, but they are in the actual report.)