Privileged access operations reports

Managed account check-outs / check-ins

Purpose: Information about current and historical access to managed accounts (check-outs).

Executable: passwordcico

Select the "Report type" first (bottom of the search criteria). The search criteria changes based on the "Report type" you select.

Search criteria

Table 1. Managed account check-outs / check-ins report search criteria

Criteria	Description
Report type	There are three types of reports to select from: Detailed : This mode displays the full details. Summary : In this mode the available search criteria are 'Managed system ID', 'Managed account', 'Search time by', 'Request attribute to search', 'Minimum number of check-outs', 'Maximum number of rows to display' and 'Operation to perform for check-out and check-in'. Accounts that have not been checked out : In this mode, only accounts that have not been checked out will be shown in the report. The available search criteria are 'Managed system ID', 'Managed account' and 'Specify time'.
Managed system ID	Type a comma-and-space-delimited list of IDs for managed systems you want to include in the report. Alternatively, search for one or more managed systems.
Managed account	Search for one or more managed accounts you want to report on. Alternatively, you can type a managed account ID or a pattern of managed account IDs using wildcard characters, '*' representing any string of characters and '?' representing any single character.
Requester ID	Type the profile ID of the requester for whom you want to run the report. Alternatively, search for one or more profile IDs.
Recipient ID	Type the profile ID of the recipient for whom you want to run the report. Alternatively, search for one or more profile IDs.
Search time by	Select whether to run the report based on the following: Do not search by time Check-out time Check-in time Expiration time
Specify time	This is only available when Search time by is set to "Expiration time","Check-in time" or "Check-out time". Specify a date range.
Time range	This is only available when Search time by is set to "Check-out time". Specify a time range: Time range not required : This is the default setting. Information is listed regardless of start time. Use time range : Information is only included in the report output if the start time falls within the start time range. Use the: Start time field to select the earliest time to include. End time field to select the latest time to include.
Check-out status	Select the check-out status to include in the report. By default, all are included. Checking out Checked out Checking in Checked in Pending Closed Being expired Expired Being checked in Checked in by another user Check-out failed and was rolled back Check-out failed and rollback failed Check-in failed and was rolled back Check-in failed and rollback failed This option is only available if Report type = Detailed .
Request attribute to search	The request attribute to search by. You can define up to 2 attributes. Choose one of the following options to define an attribute: Attribute not required : This is the default setting. Results are included regardless of their attribute value. <attribute> : Search for check-out/check-in with an attribute value that matches Attribute value to search .
Request attribute to display	Choose from the list of request attributes to be displayed in the report.
Operation to perform for check-out and check-in	Select one or more operations: Password SSH key

Click below to view a demonstration.

Report output

The report output depends on the selected report type.

Table 2. Summary mode output columns

Column	Description
Managed account	The ID of the managed account.
Managed system ID	The ID of the managed system.
Managed system name	The name of the managed system.
Operation	The operation type (Password or SSH key).
Number of requests	The total number of check-out requests.
Total check-outs	The total number of check-outs.
Status	The current check-out status.

Table 3. Detailed mode output columns

Column	Description
Request ID	The unique identifier of the check-out request.
Managed system ID	The ID of the managed system.
Managed system name	The name of the managed system.
Managed account	The ID of the managed account.
Requester ID	The profile ID of the requester.
Requester name	The name of the requester.
Recipient ID	The profile ID of the recipient.
Recipient name	The name of the recipient.
Approver	The name of the approver, if applicable.
Check-out time	The date and time the account was checked out.
Check-in time	The date and time the account was checked in.
Status	The current check-out status.
Expiry	The expiration date and time of the check-out.
Recorded session ID	The ID of the recorded session, if session monitoring was enabled.
Reason	The reason provided for the check-out request.
Operation	The operation type (Password or SSH key).
SSH auth key	The SSH authentication key, if applicable.

Users with many managed account check-outs

Purpose: Users who checked out access to more than a threshold number of accounts in the indicated time interval.

Executable: pwdcothreshold

Search criteria

Table 4. Users with many managed account check-outs report search criteria

Criteria	Description
Managed system ID	Type a comma-and-space-delimited list of IDs for managed systems you want to include in the report. Alternatively, you can search for one or more managed systems.
Managed account	Search for one or more managed accounts you want to report on. Alternatively, you can type a managed account ID or a pattern of managed account IDs using wildcard characters, '*' representing any string of characters and '?' representing any single character.
Requester ID	Type the profile ID of the requester for whom you want to run the report. Alternatively, you can search for one or more profile IDs.
Recipient ID	Type the profile ID of the recipient for whom you want to run the report. Alternatively, you can search for one or more profile IDs.
Check-out time	Specify a date range for user check-outs.
Time range	Specify a start time and an end time to check each day. User check-outs made outside of this time range will not be returned in the results, even if they fall in the specified check-out time.
Check-out status	Select the check-out status to include in the report. By default, all are included. Checking out Checked out Checking in Checked in Pending Closed Being expired Expired Being checked in Checked in by another user
Number of check-out threshold per user	Type the minimum amount of check-outs each user must have in the report. This number must be a positive integer.
Checkouts of unique managed accounts	Select this checkbox to report users that have a number of check-outs of unique accounts greater than or equal to the threshold.
Operation to perform for check-out and check-in	Select one or more operations: Password SSH key
Summarize report	Select this checkbox to display a summarized report.
Graph type	Select a type of graph to generate for the report. This option is only available if Summarize report is selected. None : no graph will be generated. Vertical bar chart : a vertical bar chart will be generated for the report.

Report output

The following tables describe the output for the detailed and summary modes of this report.

Table 5. Managed account check-out threshold detail

Column	Description
Recipient ID	The profile ID of the recipient.
Recipient name	The name of the recipient.
Check-out time	The date and time of the check-out.
Managed account	The managed account that was checked out.
Managed system ID	The unique identifier of the managed system.
Managed system name	The name of the managed system.
Requester ID	The profile ID of the requester.
Requester name	The name of the requester.
Request status	The status of the access request.
Operation	The type of operation (Password or SSH key).
SSH auth key	The SSH authentication key associated with the check-out.
Check-in time	The date and time of the check-in.
Status	The current status of the check-out.
Expiry	The expiry date and time of the check-out.

Table 6. Managed account check-out threshold summary

Column	Description
Recipient ID	The profile ID of the recipient.
Recipient name	The name of the recipient.
Total count	The total number of managed account check-outs for the recipient.

Group sets check-outs / check-ins

Purpose: List group sets check-out / check-in status.

Executable: managedgroupsetcico

Search criteria

Table 7. Group sets check-outs / check-ins report search criteria

Criteria	Description
Group set ID	Type the ID of a group set ID to include in the report. Alternatively, search for one or more group sets.
Managed system policy ID	Type a comma-and-space-delimited list of managed system policy IDs to include in the report. Alternatively, search for one or more managed system policies.
Target system with group	Type a comma-and-space-delimited list of managed systems with groups managed and checked out to include in the report. Alternatively, search for one or more managed systems.
Group ID	Type the ID of a group you want to include in the report. Alternatively, search for one or more groups.
Requester ID	Type a comma-and-space-delimited list of Profile IDs of requesters to include in the report. Alternatively, search for one or more requesters.
Recipient ID	Type a comma-and-space-delimited list of recipient IDs to include in the report. Alternatively, search for one or more recipients.
Target system with account	Type a comma-and-space-delimited list of target systems with accounts that have been granted temporary group membership to include in the report. Alternatively, search for one or more target systems.
Account	Type an account in the field that has been temporarily added to the group set.
Search time by	Select whether to run the report based on the following: Do not search by time Check-out time Check-in time Expiration time
Specify time	If searching by time, specify a date range.
Time range	If Search time by is set to "Check-out time", specify a time range: Time range not required : This is the default setting. Information is listed regardless of start time. Use time range : Information is only included in the report output if the start time falls within the start time range. Use the: Start time field to select the earliest time to include. End time field to select the latest time to include.
Check-out status	Select the check-out status to include in the report. By default, all are included. Checking out Checked out Checking in Checked in Pending Closed Being expired Expired Being checked in Checked in by another user
Show only temporary group membership failures	Enable this option to list failures in accessing group sets.
Request attribute to search	The request attribute to search by. You can define up to 2 attributes. Choose one of the following options to define an attribute: Attribute not required : This is the default setting. Reports results regardless of their attribute value. <attribute> : Search for check-out/check-in with an attribute value that matches Attribute value to search.
Request attribute to display	Choose from the list of request attributes to be displayed in the report.

Report output

Table 8. Group sets check-outs / check-ins report output columns

Column	Description
Request ID	The unique identifier of the check-out request.
Group set ID	The ID of the group set.
Group set description	The description of the group set.
Existing group set	Indicates whether the group set currently exists.
Policy ID	The managed system policy ID.
Policy description	The description of the managed system policy.
Target with group	The target system that contains the group.
Target description	The description of the target system with the group.
Group ID	The ID of the group.
Group description	The description of the group.
Requester ID	The profile ID of the requester.
Requester name	The name of the requester.
Recipient ID	The profile ID of the recipient.
Recipient name	The name of the recipient.
Approver	The name of the approver, if applicable.
Target with account	The target system that contains the account.
Target description	The description of the target system with the account.
Account ID	The ID of the account temporarily added to the group.
Temporary group membership result	The result of the temporary group membership operation.
Check-out time	The date and time the group set was checked out.
Check-in time	The date and time the group set was checked in.
Status	The current check-out status.
Expiry	The expiration date and time of the check-out.
Reason	The reason provided for the check-out request.

Users with many group set check-outs

Purpose: Users who checked out access to more than a threshold number of group sets in the indicated time interval

Executable: gsetcothreshold

Search criteria

Table 9. Users with many group set check-outs report search criteria

Criteria	Description
Group set ID	Type the ID of a group set ID to include in the report. Alternatively, search for one or more group sets.
Requester ID	Type a comma-and-space-delimited list of Profile IDs of requesters to include in the report. Alternatively, search for one or more requesters.
Recipient ID	Type a comma-and-space-delimited list of Profile IDs of recipients to include in the report. Alternatively, search for one or more recipients.
Check-out time	Specify a date range for user check-outs.
Time range	Specify a start time and an end time to check each day. User check-outs made outside of this time range will not be returned in the results, even if they fall in the specified check-out time.
Check-out status	Select the check-out status to include in the report. By default, all are included. Checking out Checked out Checking in Checked in Pending Closed Being expired Expired Being checked in Checked in by another user
Number of check-out threshold per user	Type the minimum amount of check-outs each user must have in the report. This number must be a positive integer.
Summarize report	Select this checkbox to display a summarized report.
Graph type	Select a type of graph to generate for the report. This option is only available if Summarize report is selected. None : no graph will be generated. Vertical bar chart : a vertical bar chart will be generated for the report.

Report output

The following tables describe the output for the detailed and summary modes of this report.

Table 10. Group set check-out threshold detail

Column	Description
Recipient ID	The profile ID of the recipient.
Recipient name	The name of the recipient.
Check-out time	The date and time of the check-out.
Group set ID	The identifier of the group set.
Existing group set	Indicates whether the group set still exists.
Policy ID	The identifier of the policy.
Requester ID	The profile ID of the requester.
Requester name	The name of the requester.
Request status	The status of the access request.
Check-in time	The date and time of the check-in.
Status	The current status of the check-out.
Expiry	The expiry date and time of the check-out.

Table 11. Group set check-out threshold summary

Column	Description
Recipient ID	The profile ID of the recipient.
Recipient name	The name of the recipient.
Total count	The total number of group set check-outs for the recipient.

Group set check-in failures

Purpose: Group set check-ins that could not be completed, for example because of unreachable managed systems or credential problems.

Executable: managedgroupsetcifailures

Search criteria

Table 12. Group set check-in failures report search criteria

Criteria	Description
Group set ID	Type the ID of a group set you want to include in the report. Alternatively, search for one or more group sets.
Managed system policy ID	Type a comma-and-space-delimited list of managed system policy IDs you want to include in the report. Alternatively, search for one or more policies.
Target system with group	Type a comma-and-space-delimited list of managed systems you want to include in the report. Alternatively, search for one or more managed systems.
Group ID	Type the ID of a group you want to include in the report. Alternatively, search for one or more groups.
Requester ID	Type the profile ID of the requester for whom you want to run the report. Alternatively, you can search for one or more profile IDs.
Recipient ID	Type the profile ID of the recipient for whom you want to run the report. Alternatively, you can search for one or more profile IDs.
Target system with account	Type a comma-and-space-delimited list of target systems you want to run the report. Alternatively, search for one or more target systems.
Account	Type an account in the field you want to include in the report.
Search time by	Select whether to run the report based on the following: Do not search by time Failure time Check-out time Expiration time
Specify time	If searching by failure time, check-out time, or expiration time, specify a date range.

Report output

Table 13. Group set check-in failures report output columns

Column	Description
Group set ID	The ID of the group set.
Group set description	The description of the group set.
Existing group set	Indicates whether the group set currently exists.
Policy ID	The managed system policy ID.
Policy description	The description of the managed system policy.
Target with group	The target system that contains the group.
Target description	The description of the target system with the group.
Group ID	The ID of the group.
Group description	The description of the group.
Requester ID	The profile ID of the requester.
Requester name	The name of the requester.
Recipient ID	The profile ID of the recipient.
Recipient name	The name of the recipient.
Target with account	The target system that contains the account.
Target description	The description of the target system with the account.
Account ID	The ID of the account that was temporarily added to the group.
Check-out time	The date and time the group set was checked out.
Expiry	The expiration date and time of the check-out.
Failure date	The date and time the check-in failure occurred.
Failure message	The error message describing the check-in failure.

Group set excess memberships

Purpose: List potential group set access that might not have been removed upon having access checked in.

Executable: managedgroupsetexcess

Search criteria

Table 14. Group set excess memberships report search criteria

Criteria	Description
Managed system ID	Type a comma-and-space-delimited list of IDs of managed systems to include in the report. Alternatively, search for one or more managed systems.
Group set ID	Search for and select the group set ID to include in the report.
Group ID	Search for and select the group ID to include in the report.
Target system ID	Type a comma-and-space-delimited list of IDs of target systems to include in the report. Alternatively, search for one or more target systems.
Integration direction	Select the target's integration method: (All): This is the default setting. Reports results for all managed systems Push mode : Reports results for managed systems under a push mode policy Local service mode : Reports results for managed systems under a local service mode policy

Report output

Table 15. Group set excess memberships report output columns

Column	Description
Managed system ID	The ID of the managed system.
Managed system name	The name of the managed system.
Group set ID	The ID of the group set.
Group set description	The description of the group set.
Group ID	The ID of the group.
Group description	The description of the group.
Account ID	The ID of the account with excess membership.
Target system ID	The ID of the target system.
Target system description	The description of the target system.
Push integration	Indicates whether the target uses push mode integration.
Pull integration	Indicates whether the target uses local service (pull) mode integration.
Check-in retry count	The number of check-in retry attempts.
First check-in retry	The date and time of the first check-in retry attempt.
Last check-in retry	The date and time of the last check-in retry attempt.

Account set check-outs/check-ins

Purpose: This report allows you to query account set access check-outs and check-ins.

Executable: maqcheckout

Select the "Report type", at the bottom of the search criteria, first. The search criteria will change based on the "Report type" you select.

Search criteria

Table 16. Account set check-outs/check-ins report search critieria

Criteria	Description
Report type	There are three types of reports to select from: Detailed : This mode displays the full details for the account set access check-outs and check-ins. Summary : This mode displays counters for the account set access check-out requests (user manually requesting the check-out), and the total number of account set access check-outs (pre-approved and manually requested check-outs). Account sets that have not been checked out : In this mode, only account sets that have not been checked out, or those that have not been checked out since the date specified in "Specify time" filter, will be shown in the report.
Account set ID	Type a comma-and-space-delimited list of account set IDs to include in the report. Leave the field blank to return all of the account sets or alternatively, search for one or more account set IDs.
Managed system policy ID	Type a comma-and-space-delimited list of managed system policy IDs to include in the report. Leave the field blank to search on all managed system policies or alternatively, search for one or more managed system policy IDs.
Managed system ID	Type a comma-and-space-delimited list of IDs for managed systems you want to include in the report. Alternatively, search for one or more managed systems.
Managed account	Search for one or more managed accounts you want to report on. Alternatively, you can type a managed account ID or a pattern of managed account IDs using wildcard characters, '*' representing any string of characters and '?' representing any single character.
Requester ID	Type the profile ID of the requester for whom you want to run the report. Alternatively, search for one or more profile IDs.
Recipient ID	Type the profile ID of the recipient for whom you want to run the report. Alternatively, search for one or more profile IDs.
Search time by	Select whether to run the report based on the following: Do not search by time Request time Check-out time Check-in time Expiration time
Specify time	If searching by time, specify a date range.
Time range	If Search time by is set to "Check-out time", specify a time range: Time range not required : This is the default setting. Information is listed regardless of start time. Use time range: Information is only included in the report output if the start time falls within the start time range. Use the: Start time field to select the earliest time to include. End time field to select the latest time to include.
Check-out status	Select the check-out status to include in the report. By default, all are included. Checking out Checked out Checking in Checked in Pending Closed Being expired Expired Being checked in Checked in by another user This option is only available if Report type = Detailed .
Request attribute to search	The request attribute to search by. You can define up to 2 attributes. Choose one of the following options to define an attribute: Attribute not required : This is the default setting. Reports results regardless of their attribute value. <attribute> : Search for check-out/check-in with an attribute value that matches Attribute value to search .
Request attribute to display	Choose from the list of request attributes to be displayed in the report.

Report output

The report output depends on the selected report type.

Table 17. Detailed mode output columns

Column	Description
Request ID	The unique identifier of the check-out request.
Request time	The date and time the request was made.
Query ID	The ID of the account set query.
Query description	The description of the account set query.
Policy ID	The managed system policy ID associated with the account set.
Managed system ID	The ID of the managed system.
Managed system name	The name of the managed system.
Account ID	The ID of the managed account.
Requester ID	The profile ID of the requester.
Requester name	The name of the requester.
Recipient ID	The profile ID of the recipient.
Recipient name	The name of the recipient.
Approver	The name of the approver, if applicable.
Check-out time	The date and time the account set was checked out.
Check-in time	The date and time the account set was checked in.
Status	The current check-out status.
Expiry	The expiration date and time of the check-out.
Commands executed	The number of commands executed during the check-out.
Reason	The reason provided for the check-out request.

Table 18. Summary mode output columns

Column	Description
Query ID	The ID of the account set query.
Query description	The description of the account set query.
Policy ID	The managed system policy ID associated with the account set.
Number of requests	The total number of check-out requests.
Total check-outs	The total number of check-outs (pre-approved and manually requested).
Status	The current check-out status.

Users with many account set check-outs

Purpose: Reports on users who checked out access to more than a threshold number of account sets in an indicated time interval.

Executable: maqcothreshold

Search criteria

Table 19. Users with many account set check-outs report search criteria

Criteria	Description
Account set ID	Type a comma-and-space-delimited list of account set IDs to include in the report. Leave the field blank to return all of the account sets or alternatively, search for one or more account set IDs.
Requester ID	The requester is the person who requested the account set check-out. Type the profile ID of the requester for whom you want to run the report. Alternatively, search for one or more profile IDs.
Recipient ID	Type the profile ID of the recipient for whom you want to run the report. Alternatively, search for one or more profile IDs.
Check-out time	Specify a date range for user check-outs.
Time range	Specify a start time and an end time to check each day. User check-outs made outside of this time range will not be returned in the results, even if they fall in the specified check-out time.
Check-out status	Select the check-out status to include in the report. By default, all are included. Checking out Checked out Checking in Checked in Pending Closed Being expired Expired Being checked in Checked in by another user
Number of check-out threshold per user	Required. The minimum number of check-outs per user. The minimum value accepted is 1.
Summarize report	Select this checkbox to display a summarized report.
Graph type	Select a type of graph to generate for the report. This option is only available if Summarize report is selected. None : no graph will be generated. Vertical bar chart : a vertical bar chart will be generated for the report.

Report output

The following tables describe the output for the detailed and summary modes of this report.

Table 20. Account set check-out threshold detail

Column	Description
Recipient ID	The profile ID of the recipient.
Recipient name	The name of the recipient.
Check-out time	The date and time of the check-out.
Query ID	The identifier of the account set query.
Policy ID	The identifier of the policy.
Requester ID	The profile ID of the requester.
Requester name	The name of the requester.
Request status	The status of the access request.
Check-in time	The date and time of the check-in.
Status	The current status of the check-out.
Expiry	The expiry date and time of the check-out.

Table 21. Account set check-out threshold summary

Column	Description
Recipient ID	The profile ID of the recipient.
Recipient name	The name of the recipient.
Total count	The total number of account set check-outs for the recipient.

Account set access and commands usage

Purpose: This report allows you to query summary information on account sets check-outs and any commands executed with those account sets.

Executable: maqusage

Search criteria

Table 22. Account set access and commands usage report search criteria

Criteria	Description
Account set ID	Type a comma-and-space-delimited list of account set IDs to include in the report. Leave the field blank to return all of the account sets or alternatively, search for one or more account set IDs.
Managed system policy ID	Type a comma-and-space-delimited list of managed system policy IDs to include in the report. Leave the field blank to search on all managed system policies or alternatively, search for one or more managed system policy IDs.
Display users	If checked the report will display details of the account set users.
Recipient ID	Type a comma-and-space-delimited list of user IDs to include in the report. Leave the field blank to return all users or alternatively, search for one or more user IDs.
Shared	When account sets are created, they can be shared with other users, or kept personal. Choose one of the following options: (All): all account sets (default) Yes : shared account sets only No : personal account sets only
Search time by	Select whether to run the report based on the following: Do not search by time Request time Check-out time Command queue time
Specify time	If searching by time, specify a date range.
Time range	If Search time by is set to "Check-out time", specify a time range: Time range not required : This is the default setting. Information is listed regardless of start time. Use time range: Information is only included in the report output if the start time falls within the start time range. Use the: Start time field to select the earliest time to include. End time field to select the latest time to include.
Minimum number of check-outs	Enter the minimum number of check-outs a account set access must have before it is displayed in this report.
Display command details	If checked, the report will display the details of the commands executed.
Saved command	Choose one of the following options: (All): all commands (default) Yes : saved commands only No : commands not saved Deleted : only commands that were deleted
Command	Enter the commands executed with the account set access.
Command Creator ID	Type a comma-and-space-delimited list of "command creator IDs" or leave it blank to search all command creators. Alternatively, search for one or more command creator IDs.
Shared command	When commands are created, they can be shared with other users, or kept personal. Choose one of the following options: (All): all commands (default) Yes : shared commands only No : personal commands only

Report output

Table 23. Account set access and commands usage report output columns

Column	Description
Query ID	The ID of the account set query.
Query description	The description of the account set query.
Policy ID	The managed system policy ID associated with the account set.
Shared	Indicates whether the account set is shared or personal.
Times checked out	The total number of times the account set was checked out.
Different users	The number of different users who checked out the account set.
Users	The list of users who checked out the account set.
Saved command	Indicates whether the command was saved.
Creator	The ID of the user who created the command.
Command	The command that was executed.
Shared command	Indicates whether the command is shared or personal.
Times executed commands	The total number of times commands were executed.
Commands executed	The commands that were executed.
Commands successful	The number of commands that completed successfully.
Commands failed	The number of commands that failed.

Account set access command execution log

Purpose: Provides information about commands that have been executed in account sets.

Executable: maqcommandlog

Search criteria

Table 24. Account set access command execution log report search criteria

Criteria	Description
Account set ID	Type a comma-and-space-delimited list of account set IDs to include in the report. Leave the field blank to return all of the account sets or alternatively, search for one or more account set IDs.
Managed system policy ID	Type a comma-and-space-delimited list of managed system policy IDs to include in the report. Leave the field blank to search on all managed system policies or alternatively, search for one or more managed system policy IDs.
Search time by	Select whether to run the report based on the following: Do not search by time Request time Check-out time Command queue time
Specify time	If searching by time, specify a date range.
Time range	If Search time by is set to "Check-out time", specify a time range: Time range not required : This is the default setting. Information is listed regardless of start time. Use time range: Information is only included in the report output if the start time falls within the start time range. Use the: Start time field to select the earliest time to include. End time field to select the latest time to include.
Recipient ID	Type the profile ID of the recipient for whom you want to run the report. The recipient is the person who executed the command. Alternatively, search for one or more profile IDs.
Saved command	Choose one of the following options: (All): all commands (default) Yes : saved commands only No : commands not saved Deleted : only commands that were deleted
Command Creator ID	Type a comma-and-space-delimited list of "command creator IDs" or leave it blank to search all command creators. Alternatively, search for one or more command creator IDs.
Command	Enter the commands executed with the account set access.
Shared command	When commands are created, they can be shared with other users, or kept personal. Choose one of the following options: (All): all commands (default) Yes : shared commands only No : personal commands only
Managed system ID	Type a comma-and-space-delimited list of IDs for managed systems you want to include in the report. Alternatively, search for one or more managed systems.
Managed account	Search for one or more managed accounts you want to report on. Alternatively, you can type a managed account ID or a pattern of managed account IDs using wildcard characters, '*' representing any string of characters and '?' representing any single character.
Results	Select one or more of the following options (by default, all are included): Abort Success Waiting to process request Fail

Report output

Table 25. Account set access command execution log report output columns

Column	Description
Query ID	The ID of the account set query.
Query description	The description of the account set query.
Policy ID	The managed system policy ID associated with the account set.
Request time	The date and time the request was made.
Check-out time	The date and time the account set was checked out.
Recipient ID	The profile ID of the recipient who executed the command.
Recipient name	The name of the recipient who executed the command.
Saved command	Indicates whether the command was saved.
Creator	The ID of the user who created the command.
Command	The command that was executed.
Shared command	Indicates whether the command is shared or personal.
Managed system ID	The ID of the managed system where the command was executed.
Account ID	The ID of the managed account used.
Command queue time	The date and time the command was queued for execution.
Number of tries	The number of attempts made to execute the command.
Retry time	The date and time of the last retry attempt.
Results	The result of the command execution (Success, Fail, Abort, or Waiting).
Notes	Any notes associated with the command execution.
Logs	The execution logs for the command.

Privileged access frequency analysis

Purpose: This report allows you to see how often privileged access is being checked out.

Executable: pamfrequencyanalysis

Search criteria

Table 26. Privileged access frequency analysis report search criteria

Criteria	Description
Profile attribute	Define at least one profile attribute, up to a maximum of 4 attributes. Only attributes that can be displayed in reports are available.
Minimum number of users with the same values for each of the specified attributes	The minimum number of requesters/recipients checking out privileged access that matches the profile attribute requirement. Default value is 1.
Include managed accounts	Select this option to see information about single account check-outs.
Minimum number of managed accounts in cluster	The minimum number of single accounts meeting the threshold. This option is only available when Include managed accounts is selected.
Minimum threshold for managed accounts (%)	The minimum percentage of users checking out a particular single account out of the total number of users checking out at least one single account. This option is only available when Include managed accounts is selected.
Include group sets	Select this option to see information about group set check-outs.
Minimum number of group sets in cluster	The minimum number of group sets meeting the threshold. This option is only available when Include group sets is selected.
Minimum threshold for group sets (%)	The minimum percentage of users checking out a particular group set out of the total number of users checking out at least one group set. This option is only available when Include group sets is selected.
Include account sets	Select this option to see information about account set check-outs.
Minimum number of account sets in cluster	The minimum number of account sets meeting the threshold. This option is only available when Include account sets is selected.
Minimum threshold for account sets (%)	The minimum percentage of users checking out a particular account set out of the total number of users checking out at least one account set. This option is only available when Include account sets is selected.
Choose check-out date	Choose a date range to define the check-out date:
Show summary	Summarizes the report. This includes the percentage of users checking out privileged access based on the specified attributes, how many of each privileged access type is checked out, and how many of each privileged access type do not meet the minimum threshold.

Report output

The following tables describe the output for the detailed and summary modes of this report.

Table 27. Privileged access frequency analysis detail

Column	Description
Dynamic attribute columns	Columns based on the selected profile attributes.
Users	The number of users matching the attribute values.
Managed system	The managed system associated with the check-out.
Managed account	The managed account that was checked out.
Managed account users	The number of users who checked out the managed account.
Policy	The policy associated with the check-out.
Group set	The group set that was checked out.
Group set users	The number of users who checked out the group set.
Account set	The account set that was checked out.
Account set users	The number of users who checked out the account set.

Table 28. Privileged access frequency analysis summary

Column	Description
Dynamic attribute columns	Columns based on the selected profile attributes.
Users	The number of users matching the attribute values.
Managed accounts	The number of managed accounts checked out.
Managed account users	The number of users who checked out managed accounts.
Extra managed accounts	The number of managed accounts that did not meet the minimum threshold.
Perfect managed account users	The number of users whose managed account check-outs met the threshold.
Group sets	The number of group sets checked out.
Group set users	The number of users who checked out group sets.
Extra group sets	The number of group sets that did not meet the minimum threshold.
Perfect group set users	The number of users whose group set check-outs met the threshold.
Account sets	The number of account sets checked out.
Account set users	The number of users who checked out account sets.
Extra account sets	The number of account sets that did not meet the minimum threshold.
Perfect account set users	The number of users whose account set check-outs met the threshold.
Perfect users	The number of users whose check-outs met all thresholds.

Access disclosure plugins execution

Purpose: This report returns details of access disclosure plugin executions, including their attributes, who used the access and when.

Executable: pluginexecution

Search criteria

Table 29. Access disclosure plugins execution report search criteria

Criteria	Description
Date	Choose a date range to define the check-out date:
Time range	Choose a time range: Time range not required : This is the default setting. Information is listed regardless of start time. Use time range: Information is only included in the report output if the start time falls within the start time range. Use the: Start time field to select the earliest time to include. End time field to select the latest time to include.
Plugin file name	Select access disclosure plugins: guacamole-rdp guacamole-ssh guacamole-telnet guacamole-vnc pswcmdrun pswxcmd.cab pswxcopy.cab pswxdom.cab pswxtsvc.cab pswxview.cab pswxwebapp securebrowser <any custom disclosure plugins>
User ID	Type a comma-and-space-delimited list of user IDs. Alternatively, search to find the matching user.
Managed system ID	Type a comma-and-space-delimited list of managed system IDs. Alternatively, search to find the matching managed systems.
Account	Enter the ID of the account.
Filter by attribute	Select to filter results based on a specific plugin attribute.
Attribute name	Type a specific plugin attribute. This field only appears if Filter by attribute is selected.
Comparator	Select a comparator: is empty is not empty is equal to This field only appears if Filter by attribute is selected.
Attribute value	Specify an attribute value to filter against. This field only appears if Comparator is set to 'is equal to'.
Display attributes	By default, this option is checked. Uncheck this to show the report without plugin attribute names and values.

Click below to view a demonstration.

Report output

The report output depends on the selected report mode.

Table 30. Detailed mode output columns

Column	Description
Date	The date and time of the plugin execution.
Plugin file name	The file name of the access disclosure plugin.
Plugin description	The description of the access disclosure plugin.
Plugin notes	Any notes associated with the plugin.
Cloned plugin description	The description of the cloned plugin, if applicable.
Account name	The name of the account used.
User name	The name of the user who executed the plugin.
Managed system ID	The ID of the managed system.
Managed system name	The name of the managed system.
Account ID	The ID of the account.
Attribute name	The name of the plugin attribute.
Attribute value	The value of the plugin attribute.

Table 31. Summary mode output columns

Column	Description
Date	The date and time of the plugin execution.
Plugin file name	The file name of the access disclosure plugin.
Plugin description	The description of the access disclosure plugin.
Plugin notes	Any notes associated with the plugin.
Cloned plugin description	The description of the cloned plugin, if applicable.
Account name	The name of the account used.
User name	The name of the user who executed the plugin.
Managed system ID	The ID of the managed system.
Managed system name	The name of the managed system.
Account ID	The ID of the account.

Manual password randomization batches

Purpose: List the randomization results of managed account passwords performed manually.

Executable: mngdaccountpwdstatus

Search criteria

Table 32. Manual password randomization batches report search criteria

Criteria	Description
Integration direction	Choose whether to display push mode or local service mode accounts.
Initiator ID	Type a comma-and-space-delimited list of IDs of users who initiated a password randomization. Alternatively, search to find matching initiators.
Date of randomization	Choose a date range during which randomization occurred.
Managed system policy ID	Type a comma-and-space-delimited list of managed system policy IDs. Alternatively, search to find the matching managed system policies.
Managed system ID	Type a comma-and-space-delimited list of managed system IDs. Alternatively, search to find the matching managed systems.
Managed account	Search for one or more managed accounts you want to report on. Alternatively, you can type a managed account ID or a pattern of managed account IDs using wildcard characters, '*' representing any string of characters and '?' representing any single character.
Account attribute to display	Select an account attribute to be included in the report. You can specify up to 3 account attributes.
Manual password randomization batches	Choose whether to display all results, only successes, or only errors.
Summarize report	Select this checkbox to display a summarized report. In this mode, available search criteria are 'Managed system policy', 'Managed system', 'Managed system with account' and 'Initiator'.

Report output

The report output depends on the selected report mode.

Table 33. Detailed mode output columns

Column	Description
Initiator ID	The ID of the user who initiated the password randomization.
Date	The date and time the randomization was performed.
Policy ID	The managed system policy ID.
Policy description	The description of the managed system policy.
Managed system ID	The ID of the managed system.
Managed system name	The name of the managed system.
Address	The network address of the managed system.
Account ID	The ID of the managed account.
Display attribute 1-3 (dynamic)	The values of the selected account attributes to display (up to 3, based on search criteria selection).
Status	The result of the randomization (Success or Error).

Table 34. Summary by policy/system/account mode output columns

Column	Description
Policy ID	The managed system policy ID.
Policy description	The description of the managed system policy.
Managed system ID	The ID of the managed system.
Managed system name	The name of the managed system.
Account ID	The ID of the managed account.
Initiator ID	The ID of the user who initiated the randomization.
Attempts	The total number of randomization attempts.
Successful attempts	The number of successful randomization attempts.
Failed attempts	The number of failed randomization attempts.

Password change history

Purpose: Audit of password changes on managed accounts.

Executable: passwordhistory

Search criteria

Table 35. Password change history report search criteria

Criteria	Description
Password type	Choose which password change type to include in the report: (All): is the default which includes Overridden and Randomized Overridden : user defined passwords such as overrides Randomized : system defined passwords such as randomizations and password check-ins.
Managed system ID	Type a comma-and-space-delimited list of IDs for managed systems you want to include in the report. Alternatively, search for one or more managed systems. The Advanced search has the following search criteria available: Address : type a managed system address Description : type a managed system description ID : type a managed system ID
Managed account	Search for one or more managed accounts you want to report on. Alternatively, you can type a managed account ID or a pattern of managed account IDs using wildcard characters, '*' representing any string of characters and '?' representing any single character.
Date of password change	Choose a date range to define the date of password change interval:
Password set by	Type a comma-and-space-delimited list of user IDs for product administrators or IDM Suite Automation users representing actions taken by services. Alternatively, search for one or more user IDs.
Deleted	Managed accounts are marked as deleted in this report when the target system still exists but is no longer managed by Bravura Privilege . Choose to include password changes for deleted managed accounts in the report: (All): is the default which includes password changes for all accounts No : includes only password changes for accounts that have not been deleted {report}Yes : includes only password changes for accounts that have been deleted
Summarize report	Select this checkbox to display a summarized report.

Report output

The following tables describe the output for the detailed and summary modes of this report.

Table 36. Password change history detail

Column	Description
Managed system ID	The unique identifier of the managed system.
Managed system name	The name of the managed system.
Managed account	The managed account on the system.
Last password change date	The date and time of the last password change.
Password type	The type of password change (Overridden or Randomized).
Set by	The user or service that set the password.
Deleted	Indicates whether the managed account has been deleted.

Table 37. Password change history summary

Column	Description
Managed system ID	The unique identifier of the managed system.
Managed system name	The name of the managed system.
Managed account	The managed account on the system.
Total count	The total number of password changes for the managed account.

Orchestrations

Purpose: Summary and detailed view of past orchestrations.

Executable: orchestrations

Search criteria

Table 38. Orchestestrations report search criteria

Criteria	Description
Orchestation ID	Type the GUID of an orchestration you want to include in the report.
Managed system ID	Type a comma-and-space-delimited list of IDs for managed systems you want to include in the report. Alternatively, search for one or more managed systems. The Advanced search has the following search criteria available: Address : type a managed system address Description : type a managed system description ID : type a managed system ID
Managed system description	Type the description of a managed system to include in the report.
Managed account	Search for one or more managed accounts you want to report on. Alternatively, you can type a managed account ID or a pattern of managed account IDs using wildcard characters, '*' representing any string of characters and '?' representing any single character.
Exclude successful orchestrations	Select this checkbox to omit successful orchestrations from the report.
Exclude failed orchestrations	Select this checkbox to omit failed orchestrations from the report.
Exclude outstanding orchestrations	Select this checkbox to omit outstanding orchestrations from the report.
Choose start date	Choose a date range to define the start date.
Choose end date	Choose a date range to define the end date.
Summarize report	Select this checkbox to display a summarized report.

Report output

The report output depends on the selected report mode.

Table 39. Summary mode output columns

Column	Description
Managed system ID	The ID of the managed system.
Managed system name	The name of the managed system.
Managed account	The ID of the managed account.
Successful orchestrations	The number of successful orchestrations for this account.
Failed orchestrations	The number of failed orchestrations for this account.
Outstanding orchestrations	The number of outstanding (pending) orchestrations for this account.

Table 40. Detailed mode output columns

Column	Description
Orchestration ID	The unique GUID identifier of the orchestration.
Managed system ID	The ID of the managed system.
Managed system name	The name of the managed system.
Managed account	The ID of the managed account.
Operation	The type of orchestration operation performed.
Resource ID	The ID of the resource involved in the orchestration.
Start date	The date and time the orchestration started.
End date	The date and time the orchestration ended.
Results	The result of the orchestration (Successful, Failed, or Outstanding).
Agent message	The message returned by the agent during the orchestration.

Privileged password expiration

Purpose: Reports Managed accounts whose passwords are due to be changed.

Executable: expiredpassword

Search criteria

Table 41. Privileged password expiration report search criteria

Criteria	Description
Managed system policy ID	Type a comma-and-space-delimited list of managed system policy IDs to include in the report. Alternatively, search for one or more policies.
Managed system ID	Type a comma-and-space-delimited list of IDs for managed systems you want to include in the report. Alternatively, search for one or more managed systems.
Managed system description	Type the description of a managed system to include in the report.
Managed account	Search for one or more managed accounts you want to report on. Alternatively, you can type a managed account ID or a pattern of managed account IDs using wildcard characters, '*' representing any string of characters and '?' representing any single character.
Expired password time	Choose a date range to define the expired password time:

Report output

The following table describes the output for this report.

Table 42. Privileged password expiration

Column	Description
Policy ID	The unique identifier of the managed system policy.
Managed system ID	The unique identifier of the managed system.
Managed system name	The name of the managed system.
Managed account	The managed account on the system.
Next expiry	The date and time when the password is next due to expire.
Last expiry	The date and time when the password last expired.

Managed system accounts status

Purpose: Managed systems accounts and their status.

Executable: managedsystemsaccounts

Search criteria

Table 43. Managed system accounts status report search criteria

Criteria	Description
Status	Select a status from the drop-down list: All Managed Unmanaged
Managed system ID	Type a comma-and-space-delimited list of IDs for managed systems you want to include in the report. Alternatively, you can search for one or more managed systems.
Managed system description	Type the description of a managed system to include in the report.
Managed account	Type the ID of a managed account to include in the report.
Operation to perform for check-out and check-in	Select one or more operations: Password SSH key

Report output

Table 44. Managed system accounts status report output columns

Column	Description
Managed system ID	The ID of the managed system.
Managed system name	The name of the managed system.
Address	The network address of the managed system.
Last connection time	The date and time of the last successful connection to the managed system.
Account long ID	The full identifier of the managed account.
Status	The management status of the account (Managed or Unmanaged).
Recipient ID	The profile ID of the last recipient who checked out the account.
Recipient name	The name of the last recipient who checked out the account.
Last check-out time	The date and time of the last check-out.
Account set check-out	Indicates whether the last check-out was via an account set.
Operation	The operation type (Password or SSH key).
SSH auth key	The SSH authentication key, if applicable.

Managed account status

Purpose: Status, including last connection time, last password change and last check-out, of managed systems and accounts.

Executable: discoveredaccountstatus

Search criteria

Table 45. Managed account status report search criteria

Criteria	Description
Status	Select a status from the drop-down list: All Managed automatically or manually Managed manually Managed automatically Unmanaged
Managed system ID	Type a comma-and-space-delimited list of IDs for managed systems you want to include in the report. Alternatively, you can search for one or more managed systems.
Managed system description	Type the description of a managed system to include in the report.
Last connect time	Choose a date range for the last connect time.
Discovered account	Type the ID of a discovered account to include in the report
Include invalid accounts	Select this checkbox to include invalid accounts in the report.
Account attribute to display	Select one of the attributes from the drop-down list. The value of that attribute will be displayed in the report.
Last password change	Choose a date range for the last password change.
Last check-out time	Choose a date range for the last check-out time.
Operation to perform for check-out and check-in	Select one or more operations: Password SSH key

Report output

Table 46. Managed account status report output columns

Column	Description
Managed system ID	The ID of the managed system.
Managed system name	The name of the managed system.
Address	The network address of the managed system.
Last connection time	The date and time of the last successful connection to the managed system.
Discovered account	The ID of the discovered account.
Display attribute 1-3 (dynamic)	The values of the selected account attributes to display (up to 3, based on search criteria selection).
Status	The management status of the account (Managed automatically, Managed manually, or Unmanaged).
Account is valid	Indicates whether the account is valid.
Last password modification time	The date and time of the last password change.
Recipient ID	The profile ID of the last recipient who checked out the account.
Recipient name	The name of the last recipient who checked out the account.
Last check-out time	The date and time of the last check-out.
Account set check-out	Indicates whether the last check-out was via an account set.
Operation	The operation type (Password or SSH key).
SSH auth key	The SSH authentication key, if applicable.

Session recording details

Administrators must belong to a user group with permission to run reports on particular managed system policies.

Purpose: Quantity and type of data captured in recorded sessions.

Executable: smondata

Search criteria

Table 47. Session recording details report search criteria

Criteria	Description
Access	Type the ID of an account to include in the report.
Managed system ID	Type a comma-and-space-delimited list of IDs for managed systems you want to include in the report. Alternatively, you can search for one or more managed systems.
Managed system description	Type the description of a managed system to include in the report.
Monitored user	Type the profile ID to include in the report. Alternatively, you can search for one or more profile IDs.
User device	Type the ID of the workstation from which the session started.
Choose date range	Specify a date range for data collection.

Report output

The following table describes the output for this report.

Table 48. Session recording details

Column	Description
Monitored user	The profile ID of the monitored user.
User name	The name of the monitored user.
Access	The account that was accessed.
Managed system ID	The unique identifier of the managed system.
Managed system name	The name of the managed system.
Start time	The date and time the session started.
End time	The date and time the session ended.
Workstation NetBIOS ID	The NetBIOS name of the workstation.
Session type	The type of session (for example, RDP, SSH).
Clipboard data count	The number of clipboard data captures.
Clipboard data size	The total size of clipboard data captures.
Keyboard strokes count	The number of keyboard stroke captures.
Keyboard strokes size	The total size of keyboard stroke captures.
ZIP packages count	The number of ZIP packages.
ZIP packages size	The total size of ZIP packages.
Screenshot captures count	The number of screenshot captures.
Screenshot captures size	The total size of screenshot captures.
Webcam captures count	The number of webcam captures.
Webcam captures size	The total size of webcam captures.
UI editable count	The number of UI editable element captures.
UI editable size	The total size of UI editable element captures.
UI selectable count	The number of UI selectable element captures.
UI selectable size	The total size of UI selectable element captures.
UI title count	The number of UI title captures.
UI title size	The total size of UI title captures.

Session recording summary

Administrators must belong to a user group with permission to run reports on particular managed system polices.

Purpose: Provides summary information on recorded sessions

Executable: smonstats

Search criteria

Table 49. Session recording summary report search criteria

Criteria	Description
Access	Type the ID of an account to include in the report.
Managed system ID	Type a comma-and-space-delimited list of IDs for managed systems you want to include in the report. Alternatively, you can search for one or more managed systems.
Managed system description	Type the description of a managed system to include in the report.
Monitored user	Type the profile ID to include in the report. Alternatively, you can search for one or more profile IDs.
User login	Type the ID of the user who was logged on to the workstation from which the session started.
User device	Type the ID of the workstation from which the session started.
Choose date range	Specify a date range for data collection.
Session status	Select the status of sessions to include in the report: Active Closed Stale Terminated

Report output

The following table describes the output for this report.

Table 50. Session recording summary

Column	Description
Monitored user	The profile ID of the monitored user.
User name	The name of the monitored user.
Access	The account that was accessed.
Managed system ID	The unique identifier of the managed system.
Managed system name	The name of the managed system.
Start time	The date and time the session started.
End time	The date and time the session ended.
Session size	The total size of the recorded session data.
Session type	The type of session (for example, RDP, SSH).
User login	The login ID of the user on the workstation.
Workstation NetBIOS ID	The NetBIOS name of the workstation.
Workstation IP address	The IP address of the workstation.
ZIP packages count	The number of ZIP packages.
ZIP packages size	The total size of ZIP packages.
Status	The current status of the session.

Recorded session package information

Administrators must belong to a user group with permission to run reports on particular managed system policies.

Purpose: Details of recorded session packages.

Executable: smonpackageinfo

Search criteria

Table 51. Recorded session package information report search criteria

Criteria	Description
Managed system ID	Type a comma-and-space-delimited list of IDs for managed systems you want to include in the report. Alternatively, you can search for one or more managed systems.
User device	Type the name of the workstation from which the package request was sent.
User device IP address	Type the IP address of the workstation from which the package request was sent.
Requester ID	Type a comma-and-space-delimited list of Profile IDs of requesters to include in the report. Alternatively, search for one or more requesters.
Status	Select the status of packages to include in the report.
Requested time	Specify a date range for requests for packages.

Report output

The following table describes the output for this report.

Table 52. Recorded session package information

Column	Description
Managed system ID	The unique identifier of the managed system.
Managed system name	The name of the managed system.
Access	The account that was accessed.
Source	The source of the session package.
Workstation IP address	The IP address of the workstation from which the request was sent.
Requester ID	The profile ID of the user who requested the package.
Requester name	The name of the user who requested the package.
Request date	The date and time the package was requested.
Available date	The date and time the package became available.
Status	The current status of the session package.
Description	A description of the session package.
Reason	The reason for the session package request.

Sessmon sessions

Purpose: Current and historical usage and termination of sessmon sessions.

Executable: passworddisclosure

Search criteria

Table 53. Sessmon sessions report search criteria

Criteria	Description
Recipient ID	Type the ID of the user checking out a managed account. Alternatively, you can search for one or more profile IDs.
Managed system ID	Type a comma-and-space-delimited list of IDs for managed systems you want to include in the report. Alternatively, you can search for one or more managed systems.
Account	Search for one or more accounts you want to report on. Alternatively, you can type an account ID or a pattern of account IDs using wildcard characters, '*' representing any string of characters and '?' representing any single character.
Operation to perform for check-out and check-in	Select one or more operations: Group set Password SSH key
User device	Type a comma-and-space-delimited list of IDs of workstation computers or other devices from which a session was started.
User login	Type a comma-and-space-delimited list of IDs of device users that started a session.
Start time	Specify a date range from when sessions started.
Duration minimum	Type a minimum session duration in the format HH:mm:ss.
Duration maximum	Type a maximum session duration in the format HH:mm:ss.
Session status	Select a session status to include in the report. By default, all are included. Any Active Terminated by administrator request Terminated by automatic check-in Terminated because tampering was detected Shutdown by user Stranded from session monitoring
Plugin file name	Select one or more access disclosure plugins: `guacamole-rdp` `guacamole-remote-app` `guacamole-ssh` `guacamole-telnet` `guacamole-vnc` `pswxcmd.cab` `pswxdom.cab` `pswxtsvc.cab` <any custom disclosure plugins>

Report output

The following table describes the output for this report.

Table 54. Sessmon sessions

Column	Description
Recipient ID	The profile ID of the user who checked out the account.
Managed system ID	The unique identifier of the managed system.
Account ID	The identifier of the account that was checked out.
Operation	The type of operation (Password, SSH key, or Group set).
User device	The workstation or device from which the session was started.
User login	The login ID of the user on the device.
Start time	The date and time the session started.
Duration	The duration of the session.
Status	The current status of the session.
Plugin file name	The name of the access disclosure plugin used.
Plugin description	A description of the access disclosure plugin.

Sessions disconnected

Administrators must belong to a user group with permission to run reports on particular managed system policies.

Purpose: Report Bravura Security Fabric sessions that disconnected either by users or by administrators.

Executable: smondisconnected

Search criteria

Table 55. Sessions disconnected report search criteria

Criteria	Description
Disconnection cause	Select the cause of session disconnected to include in the report: (All) Terminated by administrator request Shutdown by user
Administrator ID	Type a comma-and-space-delimited list of IDs of administrators to include in the report. Alternatively, search for one or more requesters. This option does not appear when the Disconnection cause is set to "Shutdown by user".
Monitored user	Type a comma-and-space-delimited list of Profile IDs of requesters to include in the report. Alternatively, search for one or more requesters.
Managed system ID	Type a comma-and-space-delimited list of IDs for managed systems you want to include in the report. Alternatively, you can search for one or more managed systems.
Managed system description	Type the description of a managed system you want to include in the report.
Access	Search for one or more accounts you want to report on. Alternatively, you can type an account ID or a pattern of account IDs using wildcard characters, '*' representing any string of characters and '?' representing any single character.
Start date	Specify a date range from when sessions started.
Operation to perform for check-out and check-in	Select one or more operations: Group set Password SSH key

Report output

The following table describes the output for this report.

Table 56. Sessions disconnected

Column	Description
Disconnection cause	The cause of the session disconnection.
Administrator ID	The ID of the administrator who terminated the session.
Monitored user	The profile ID of the monitored user.
User name	The name of the monitored user.
Managed system ID	The unique identifier of the managed system.
Managed system name	The name of the managed system.
Access	The account that was accessed.
Operation	The type of operation (Password, SSH key, or Group set).
Start time	The date and time the session started.
End time	The date and time the session ended.
Session type	The type of session (for example, RDP, SSH).
User login	The login ID of the user on the workstation.
Workstation NetBIOS ID	The NetBIOS name of the workstation.
Workstation IP address	The IP address of the workstation.

In this section:

Privileged access operations reports

Managed account check-outs / check-ins

Search criteria

Report output

Users with many managed account check-outs

Search criteria

Report output

Group sets check-outs / check-ins

Search criteria

Report output

Users with many group set check-outs

Search criteria

Report output

Group set check-in failures

Search criteria

Report output

Group set excess memberships

Search criteria

Report output

Account set check-outs/check-ins

Search criteria

Report output

Users with many account set check-outs

Search criteria

Report output

Account set access and commands usage

Search criteria

Report output

Account set access command execution log

Search criteria

Report output

Privileged access frequency analysis

Search criteria

Report output

Access disclosure plugins execution

Search criteria

Report output

Manual password randomization batches

Search criteria

Report output

Password change history

Search criteria

Report output

Orchestrations

Search criteria

Report output

Privileged password expiration

Search criteria

Report output

Managed system accounts status

Search criteria

Report output

Managed account status

Search criteria

Report output

Session recording details

Search criteria

Report output

Session recording summary

Search criteria

Report output

Recorded session package information

Search criteria

Report output

Sessmon sessions

Search criteria

Report output

Sessions disconnected

Search criteria

Report output

Search results