Viewing Reports on Risky User Activities

The ITM On-Prem (ObserveIT) Reports feature enables you to generate reports about alerts that were triggered and applications that were used by risky users. These reports can be very useful for detecting risky users and the applications they accessed.

You can create your own reports customized to your requirements. Once created, these reports can be run, scheduled for running later, copied, edited, and deleted.

ITM On-Prem (ObserveIT) customized reports can provide summary information about user interactions with sensitive applications on monitored Windows-based servers. Reports can be generated showing sensitive data elements that were viewed by users in every business application (for example, viewing sensitive customer names, credit card information, medical patient records, and so on).

Other examples of reports you could generate include:

• Exposures or interactions with specific fields or values, such as, list all user sessions where VIP customer records were viewed.

• Alert summaries by alert rule, user, computer, alert status, etc.

• You can view and configure reports from the Reports tab in the ITM On-Prem (ObserveIT) Web Management Console. For details, see ITM On-Prem (ObserveIT) Reporting.

• For details about how to generate a report on user interactions with sensitive elements in applications that were used on monitored servers, see Creating an Applications Report.

For details on how to create customized reports that provide summary information about activity alerts on monitored Windows and/or Unix-based servers, see Creating an Alerts Report.