Help Center

Third-party software Contact us

Configuring audit report profiles

Audit configuration offers seven profile categories that can be customized to fit specific endpoint security needs. Each profile categories has multiple profiles configured by default. These are:

Profile category Audit profile Default configuration setting
File Integrity Monitor
  • File Integrity Monitoring - File System
  • Sensitive File Activity Monitoring and Response - File System
Removable Storage
  • Data Leak Prevention - USB
  • Removable Device Auditing
  • Sensitive File Activity Monitoring and Response - USB
  • File accesses made to USB drives.
  • File accesses detected in plugged-in USB devices.
  • File accesses detected in plugged-in devices and for files classified as Restricted.
Printer Data Leak Prevention - Printer Print jobs initiated by users.
Email Client
  • Data Leak Prevention - Email
  • Sensitive File Activity Monitoring and Response - Email
  • Outbound emails for all users configured.
  • Outbound emails for emails classified as Restricted.
Web Possible File Upload and Download - Web Potential browser activity.
File Share File Activity Monitoring File actions made to shared folders.
Network Share Network Share File Activity Monitoring File actions made to shared folders by accessing the network path.

Follow the steps below to customize report profiles:

  • Select Endpoint DLP from the drop-down menu.
  • Go to Configuration > Audit/Alert Profiles > Report Configuration.
  • Select the report profile to customize audit parameters. The two available parameters categories are:
    • Include parameters can be used to customize audits based on user-centric parameters, like user name and last access time, and file-centric parameters, like file classification and file type.
    • Exclude parameters have similar options to exclude users or objects from endpoint auditing.
    • The Exclude parameters override the Include parameters in case of overlaps.
    • Click Save.

Note: File copy and paste actions will be monitored by default and will be reflected in the Clipboard Control and File Paste Report, respectively. Ensure that at least one DLP policy and the Clipboard Control policy have been enforced in endpoints generating data in reports.

Don't see what you're looking for?

  • Visit our community

    Post your questions in the forum.

  • Request additional resources

    Send us your requirements.