Log360Cloud Reports
Log360Cloud offers 1000+ out-of-the-box reports and also the capability to create custom reports as per your requirements. These reports can help review the key security events happening in your network and also meet compliance requirements.
The reports can be accessed from the Reports tab of the UI. The events shown in the reports can be drilled down to the raw logs and filtered based on various log fields.
Available Reports:
Note: Some AD reports include object filter that can be used to filter data based on the domain objects.
| Reports Module |
Report category |
Available reports |
| Devices |
Windows |
- Windows Events
- Windows Severity Reports
- Windows Critical Reports
- Windows Logon Reports
- Windows System Events
- Threat Detection
- Removable Disk Auditing
- Network Policy Server
- Registry Changes
- Windows Backup and Restore
- Application Crashes
- Windows Firewall Auditing
- DNS Server
- AD DNS Server
- Network Share
- File Monitoring
- Trust Relationships Changes
- Domain Controller Logon Reports
- Policy Changes
- Group Management
- User Account Management
- Process Tracking
- Windows Logoff Reports
- Windows Failed Logon Reports
- Threat Detection From Antivirus
- Infrastructure Reports
- Windows Important Events
- Hyper-V Server Events
- Windows Firewall Threats
- Application Whitelisting
- Program Inventory
- Domain Events
- Hyper-V VM Management
- User activity
|
| Devices |
Active Directory |
- User Logon Reports
- Local Logon-Logoff
- Account Management
- User Management
- Group Management
- Computer Management
- Permission Changes
- Configuration Auditing
- DNS Changes
- AzureAD Password Protection
- Domain Object Changes
- LAPS Audit
- OU Management
- GPO Management
- Other AD Object Changes
|
| Devices |
Unix |
- Unix Events
- Unix Logon Reports
- Unix Logoff Reports
- Unix Failed Logon Reports
- Unix User Account Management
- Unix Removable Disk Auditing
- SUDO Commands
- Unix Mail Server Reports
- Unix Threats
- Unix NFS Events
- Unix Other Events
- Unix FTP Server Reports
- Unix System Events
- Unix Severity Reports
- Unix Critical Reports
|
| Devices |
Network devices |
Predefined reports for Arista, Barracuda, Check Point, Cisco, F5, Fortinet, FirePower, H3C, Huawei, Juniper, Meraki, NetScreen, pfSense, Palo Alto, SonicWall, Sophos, WatchGuard devices, Dell, Forcepoint and StormShield.
- All Events
- Important Events
- Router Logon Report
- Router Configuration Report
- Router Accepted Connections
- Denied Connections
- Router Traffic Report by Protocol
- Router/Switch System Events
- Router Traffic Errors
- IDS/IPS Activity
- Firewall Threats
- Firewall Traffic Reports
- Denied Connections
- Common Reports
- Firewall Logon Reports
- Firewall Account Management
- Firewall VPN Logon Reports
- Firewall VPN Users Reports
- VPN Connection Status Report
- Network Device Severity Reports
- Network Device Risk Reports
- Firewall Website Traffic Reports
|
| Devices |
VM Management |
Predefined reports for ESXi
- Hypervisor Events
- VMWare Logons/Logoff
- VMWare System Events
- VMWare Server Events
|
| Cloud Sources |
AWS |
- User Login Activity
- Failed/Unauthorized Activity
- IAM Activity
- User Activity
- Network Security Groups
- VPC Activity
- S3 Bucket Activity Reports
- WAF Reports
- Security Token Service
- AWS Config Reports
- EC2 Reports
- Amazon Auto Scaling Reports
- Amazon ELB Reports
- RDS Reports
- Route 53
- S3 File Changes Audit
- S3 Traffic Analysis Reports
- Classic LoadBalancer Reports
- Application LoadBalancer Reports
- Network LoadBalancer Report
|
| Microsoft 365 |
- Microsoft 365 Overview
- Exchange online
- Azure AD
- Microsoft Teams
- OneDrive Online
- Sharepoint Online
|
