Help Document

Reports

Log360 Cloud provides comprehensive reports for log sources: Windows, Unix, and network devices. These reports provide details about events such as who performed what and from where. The product also gives users the option of exporting reports.

Available reports

 

Reports Module Report category Available reports
Devices Windows
  • Windows Events
  • Windows Severity Reports
  • Windows Critical Reports
  • Windows Logon Reports
  • Windows System Events
  • Threat Detection
  • Removable Disk Auditing
  • Network Policy Server
  • Registry Changes
  • Windows Backup and Restore
  • Application Crashes
  • Windows Firewall Auditing
  • DNS Server
  • AD DNS Server
  • Network Share
  • File Monitoring
  • Trust Relationships Changes
  • OU Changes
  • GPO Changes
  • Domain Controller Logon Reports
  • Policy Changes
  • Computer Account Management
  • Group Management
  • User Account Management
  • Process Tracking
  • Windows Logoff Reports
  • Windows Failed Logon Reports
  • Threat Detection From Antivirus
  • Infrastructure Reports
  • Windows Important Events
  • Hyper-V Server Events
  • Windows Firewall Threats
  • Application Whitelisting
  • Program Inventory
  • Domain Events
  • Hyper-V VM Management
Devices Unix
  • Unix Events
  • Unix Logon Reports
  • Unix Logoff Reports
  • Unix Failed Logon Reports
  • Unix User Account Management
  • Unix Removable Disk Auditing
  • SUDO Commands
  • Unix Mail Server Reports
  • Unix Threats
  • Unix NFS Events
  • Unix Other Events
  • Unix FTP Server Reports
  • Unix System Events
  • Unix Severity Reports
  • Unix Critical Reports
Devices Network devices

Predefined reports for Arista, Barracuda, Check Point, Cisco, F5, Fortinet, FirePower, H3C, Huawei, Juniper, Meraki, NetScreen, pfSense, Palo Alto, SonicWall, Sophos, and WatchGuard devices.

  • All Events
  • Important Events
  • Router Logon Report
  • Router Configuration Report
  • Router Accepted Connections
  • Denied Connections
  • Router Traffic Report by Protocol
  • Router/Switch System Events
  • Router Traffic Errors
  • IDS/IPS Activity
  • Firewall Threats
  • Firewall Traffic Reports
  • Denied Connections
  • Common Reports
  • Firewall Logon Reports
  • Firewall Account Management
  • Firewall VPN Logon Reports
  • Firewall VPN Users Reports
  • VPN Connection Status Report
  • Network Device Severity Reports
  • Network Device Risk Reports
  • Firewall Website Traffic Reports
Cloud Sources AWS
  • User Login Activity
  • Failed/Unauthorized Activity
  • IAM Activity
  • User Activity
  • Network Security Groups
  • VPC Activity
  • S3 Bucket Activity Reports
  • WAF Reports
  • Security Token Service
  • AWS Config Reports
  • EC2 Reports
  • Amazon Auto Scaling Reports
  • Amazon ELB Reports
  • RDS Reports
  • Route 53
  • S3 File Changes Audit
  • S3 Traffic Analysis Reports
  • ELB Traffic Analysis Reports
Applications Oracle
  • Oracle Events
  • Auditing Account Management
  • Auditing Report
  • Auditing Server Report
  • Security Reports
SQL server
  • SQL Server Events
  • SQLServer Trend Report
  • DD Auditing Report
  • DM Auditing Report
  • Auditing Account Management
  • Auditing Server Report
  • Attack Reports
  • DBCC Information Report
  • Permission Denied Report
  • Integrity Report
  • Host Activity Report
  • Violation Report
  • Additional Security Reports
  • Server Log Reports
Terminal
  • Terminal Server Events
  • Terminal Server Gateway Communications
  • Terminal Server Gateway Logons
  • Terminal Server Gateway Top Reports
Printer
  • Printer Auditing
  • Printer Events
Sysmon
  • Sysmon Events
  • Process Audit Report
  • Registry Audit Report
  • File Audit Report
  • Library And Drivers Report
  • Network Audit Report
  • WMI Audit Report
  • Configuration Report
Malwarebytes
  • Malwarebytes Reports
Fireeye
  • FireEye Reports
Symantec Endpoint Protection
  • Symantec Reports
Symantec DLP
  • Symantec DLP Reports
CEF Format
  • CEF Format Reports
Mcafee
  • McAfee Events
  • McAfee Threat Reports
  • McAfee Virus Reports
Trend Micro
  • Trend Micro Events
  • Logon Reports
  • Policy Management
  • User Account Management
  • Security Reports

Report Exporting

Log360 Cloud gives users the ability to export reports as PDF or CSV files. You also have the option to view all the reports that were exported.

To export reports,

  • Go to the report you want to export and click the Export drop-down button on the top-right corner of the report.
  • Select the format in which you want the report to be exported.
  • The export history section will open automatically to display the exports queue.
  • For each export, you have the option of downloading the report or clearing it from the queue by selecting an appropriate option.

To view export history, click the at the top-right corner of a report. You will be displayed a list of the last 50 reports that were exported.

Note: The export history has a maximum limit of 100 exports. If you want to perform exports after the limit is exceeded, you need to clear an equal number of exports from the history.