Configure report settings

This topic describes how to configure general report settings, what appears in the Report pages, and what the reports look like.

It may take a few hours for the report settings to take effect.

How do I access these configuration options?

To access these settings, in the Privilege Cloud portal, go to Administration Configuration OptionsConfigurations > Reports.

General report settings

These parameters are general report parameters set on the global report level.

 

 

DefaultSafe

The name of the Safe that are created for reports and where generated reports are saved. The default Safe is PVWAReports.

For details, see PVWAReports.

ExecutionTimeout

The maximum time in minutes that a report can be generated. After this time has expired, a timeout message is displayed. The default value is 60 minutes.

ManageReportsGroup

The group of users authorized to generate reports. The default group is PVWAMonitor.

RecordsFlushInterval

The number of records that are written to the report output file in every internal interval. The default value is 100

MaximumRecords

The maximum number of records that are included in a report. The default value is 40,000.

MaxConcurrentReports

The maximum number of reports that can run concurrently. The default value is 1.

The following parameters determine how the report output is saved in a CSV file:

Parameter

Description

CSVSeparator

The separator that is used between the different columns in the CSV file. The default value is ‘,’ (comma).

CSVTextQualifier

The enclosing text of each column in the CSV file. The default value is “ (quotations).

DisplayFieldsHeader

Whether or not the header columns in the CSV file is displayed in the report. The default value is Yes, which indicates that header columns are displayed in the report.

Report collections

Report collections are reports grouped by commonalities.

The following collections are predefined:

  • Privileged Accounts Inventory

  • Privileged Accounts Compliance Status

  • Entitlement Reports

  • Application Reports

  • Activity Reports

The following parameters define each assembly (dlls that define the report) that implements one or more reports:

Parameter

Description

AssemblyName

Defines the name of an assembly.

Name

Defines the name of the report collection.

Parameters Lists

Specifies a list of internal parameters that are used to generate reports. These parameters can be defined for each collection of reports and then overridden in the parameters lists for each specific report.

Output Fields

Specifies the list of fields that are displayed in reports. These parameters can be defined for each collection of reports and then overridden in the output fields for each specific report.

Privileged Accounts Inventory:

By default, the following fields are displayed: Safe, Folder, Name, Platform Id, DeviceType, Username, Address, Group, LastAccessedDate, LastAccessedBy, LastModifiedDate, LastModifiedBy, VerificationDate, CheckoutDate, CheckedOutBy, Age, ChangeFailure, VerificationFailure, MasterPassFolder, MasterPassName, DisabledBy, DisabledReason.
The following fields can be added manually: CheckoutDate, CheckedOutBy, Age, ChangeFailure, VerificationFailure, MasterPassFolder, MasterPassName, DisabledBy, DisabledReason, any account property that has been specified for one or more accounts.

Privileged Accounts Compliance Status:

By default, the following fields are displayed: Username, Address, Safe, Platform ID, ComplianceStatus, NonComplianceReason, ExpirationDue, PlannedPasswordChange, ChangeMode, OneTimePasswords, ExpirationPeriod, LastModifiedDate, LastAccessedBy, LastAccessedDate, LastAccessRequestTimeframe.
The following fields can be added manually: ExclusiveAccess, DualControl, PerformPeriodicChange, AllowManualChange, HeadStart, AccessValidityPeriod, PasswordLength, PasswordComplexityPolicy, PasswordChangeReason, Disabled, DisabledReason, ChangeFailure, FailReason, PasswordAge, ExpirationDate, CreationDate, Deleted, LastModifiedBy, VerificationDate, Folder, Name, DeviceType, any account property that has been specified for one or more accounts.

Entitlement report:

By default, the following fields are displayed: User, FullName, Group, GroupOwnership, Location, UserType, TargetPolicy, TargetSystem, TargetAccount, Safe, Read, Change, OtherPermissions

Applications report:

By default, the following fields are displayed: ApplicationID, BusinessOwner, Location, AllowedMachines, OSUser, Path.
The following fields can be added: ApplicationDescription, BusinessOwnerEmail, BusinessOwnerPhone, Disabled, Hash, AccessPermitted, ExpirationDate

Activities log report:

By default, the following fields are displayed: Time, User, Action, Safe, Target (account), Target Platform, TargetAccount, NewTarget, Reason, Alert, RequestID, ClientID

Reports

Defines the list of available reports and their configuration parameters. The specified report parameter determines the information that defines the report.