ReportPack User Manual - GFI.com
ReportPack User Manual - GFI.com
ReportPack User Manual - GFI.com
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Report name<br />
HIPAA 164.308.a.4- Object Access - Successful<br />
attempts to access files and registry<br />
HIPAA 164.308.a.4 - System Startup/Shutdown<br />
HIPAA 164.308.a.5 - <strong>User</strong> Logon<br />
HIPAA 164.308.a.5 - <strong>User</strong> Logoff<br />
HIPAA 164.308.a.5 - Failure Logons<br />
Description<br />
The report will list all the successful attempts to<br />
access files and registry based on the object access<br />
events. The report will help you identify users or<br />
applications attempting successfully accessing files and<br />
registry that are security sensitive.<br />
The report will list all system startup and shutdown<br />
events.<br />
The report shows logon events generated when a user<br />
logs on a <strong>com</strong>puter. The report covers all logon types<br />
and includes domain logons irrespective of<br />
authentication package being used.<br />
This report lists the logoff events on each <strong>com</strong>puter,<br />
including the initial logon type. It will help you identify<br />
the users successfully ending their sessions.<br />
This report lists the number of failed logons on each<br />
<strong>com</strong>puter, as well as the type of failure, helping you<br />
identify which are the <strong>com</strong>puters showing suspect<br />
access attempts.<br />
9.16 GLBA <strong>com</strong>pliance reports<br />
Report name<br />
GLBA - <strong>User</strong> Logon<br />
GLBA - <strong>User</strong> Logoff<br />
GLBA - Failure Logons<br />
GLBA - All Access to Audit Logs<br />
Description<br />
The report shows logon events generated when a user logs on<br />
a <strong>com</strong>puter. The report covers all logon types and includes<br />
domain logons irrespective of authentication package being<br />
used.<br />
This report lists the logoff events on each <strong>com</strong>puter, including<br />
the initial logon type. It will help you identify the users<br />
successfully ending their sessions.<br />
This report lists the number of failed logons on each<br />
<strong>com</strong>puter, as well as the type of failure, helping you identify<br />
which are the <strong>com</strong>puters showing suspect access attempts.<br />
The report shows audit log related activity such as: audit log<br />
cleared, successful or failed attempts to access the audit logs<br />
and physical (using file managers) access to .evt files.<br />
9.17 Microsoft SharePoint reports<br />
Report name<br />
SharePoint - Audit Trail Integrity Events<br />
SharePoint - Access Control Changes<br />
SharePoint - Document Update<br />
Description<br />
This report lists all changes done to the audit trail.<br />
This includes changes done to logged security<br />
events and deletion of log records.<br />
(Event IDs: 11, 12, 20)<br />
This report lists events related to granting and<br />
revoking authority over SharePoint objects.<br />
This includes changes done to site collection<br />
administrators, group changes and object<br />
permissions.<br />
(Event IDs: 25 to 30)<br />
This report lists events related to document level<br />
access. This report enables you to filter the report<br />
by the following event IDs:<br />
» 13 - Document checked in<br />
» 14 - Document checked out<br />
» 43 - Document updated<br />
» 19 - Object deleted.<br />
<strong>GFI</strong> EventsManager Appendix: Default Reports |63