Help Document

Available reports

Log360 Cloud provides comprehensive reports for log sources: Windows, Unix, network devices, applications, threat sources, vulnerability scanners, and vCenter. These reports provide details about events such as who performed what and from where.

Available reports

 

Report category Available reports
Windows
  • Windows severity
  • Trust relationships changes
  • Threat detection
  • Windows failed logons
  • Windows risk
  • Program inventory
  • Threat detection from antivirus
  • Application whitelisting
  • Hyper-V VM management
  • Windows backup and restore
  • Windows logoff
  • File monitoring
  • Computer account management
  • User account management
  • Windows firewall auditing
  • Network policy server
  • GPG compliance
  • Network share
  • Process tracking
  • Windows logon
  • OU changes
  • Infrastructure
  • Registry changes
  • Group management
  • DNS server
  • Windows firewall threats
  • Policy changes
  • Hyper-V server events
  • AD DNS server
  • GPO changes
  • Application crashes
  • Domain controller logon
  • Removable disk auditing
  • Data theft detection
  • Domain events
  • Windows system events
Vulnerability
  • Nessus compliance
  • Nessus vulnerability
  • OpenVas
  • NMAP
  • Top reports
  • Qualys
Unix
  • Unix threats
  • Unix mail server
  • Unix user account management
  • Unix FTP server
  • Unix failed logon
  • VMWare system events
  • SU commands
  • Unix logon
  • Unix removable disk auditing
  • Unix risk
  • VMWare server events
  • AS400
  • Unix other events
  • Unix severity
  • Unix NFS events
  • Unix logoff
  • Unix system events
  • VMWare logons/logoff
Network devices

Predefined reports for Barracuda, Check Point, Cisco, Fortinet, Huawei, Juniper, Meraki, NetScreen, Palo Alto, SonicWall, Sophos, and WatchGuard devices.
  • Network device risk
  • Router/Switch system events
  • Firewall traffic
  • Firewall VPN logon
  • Router accepted connections
  • Router traffic rrrors
  • Firewall threats
  • Firewall account management
  • Firewall denied connections
  • IDS/IPS activity
  • Router configuration
  • Router denied connections
  • Network device severity
  • Firewall logon
  • Router logon
  • Router traffic report by protocol
Threats
  • Symantec DLP
  • FireEye
  • Symantec
Applications
  • Terminal server gateway logons
  • Terminal server gateway top reports
  • Apache web server attack
  • IIS web server attack
  • Printer auditing
  • Oracle server¬†auditing
  • Oracle account management auditing
  • SQLserver security
  • SQLserver DML auditing
  • Oracle database object changes
  • Terminal server gateway communications
  • IIS web server top reports
  • IIS web server errors
  • SQLserver auditing
  • Oracle security
  • SQLserver DDL auditing
  • DHCP Linux based server
  • Apache web server errors
  • DHCP Windows based server reports
  • IIS FTP server
  • SQLserver account management¬†auditing
vCenter
  • Permission changes
  • Role changes
  • Cluster changes
  • Datacenter changes
  • Folder changes
  • VM changes
  • Datastore changes
  • Host changes
  • Resourcepool changes