Profile Based Reports

ADAudit plus provides a host of pre-configured profile based reports.

Click on the Reports tab and select the Profile Based Reports tab on the left, to view the reports listing.

Account Logon
  • Administrative Users Logon Failure
  • Logon Users
Local Logon-Logoff
  • Network Policy Server Auditing in "domain" name
  • Local Logoff for Computers
  • Local Logon Failures for Computers
  • Local Logon Success for Computers
Account Creation
  • Users Created
  • Groups Deleted
  • Computers Created
User Modification
  • Unlocked Users
  • Password Changed users
  • Password Reset Users
  • Modified Users
  • Renamed or Moved Users
  • User Attributes Changed
  • Users Disabled
  • Locked Out Users
  • Users Enabled
  • Users Deleted
Computer Modification
  • Computers Deleted
  • Computers Modified
  • Computers Moved
  • Computers Enabled
  • Computers Disabled
  • Computer Attribues Changed
Group Modification
  • Security Groups Modified
  • Administrative Groups Modified
  • Distribution Groups Deleted
  • Security Groups Deleted
  • Group Attributes Changed
  • Renamed or Moved Groups
  • Distribution Groups Modified
OU Management
  • OU Attributes Changed
  • OU Modifications
  • OUs Deleted
  • OUs Created
GPO Management
  • GPOs Created
  • GPOs Deleted
  • GPO Modifications
  • GPO Link Changes
  • Flag and Permission Changes
Detailed Tracking
  • Scheduled Tasks Modification in 2003
  • Audit Scheduled Tasks
  • Scheduled Tasks Modification
  • Audit Scheduled Tasks Deleted
  • Scheduled Tasks Creation
  • Tracking the Process
Domain Policy Changes
  • Domain Policy Changes
System Events
  • Audit Changing System Time
  • Audit System Logon
  • Audit Clearing System Audit Log
Advanced AD Objects Audit
  • Password Settings Object Changes
  • Contact Changes
  • Container Changes
  • Container Permission Changes
  • Configuration Changes
  • Configuration Permission Changes
  • Schema Changes
  • Schema Permission Changes
  • Domain DNS Attributes Changed
DNS Audit
  • DNS Changes
  • DNS Permission Changes
Policy Changes
  • User Rights Assigned
  • Policy Changed
  • User Rights Removed
Removable Storage Audit
  • File Read
  • File Copy and Paste
  • File Modified
Network share auditing
  • Network share deleted
  • Network share modified
  • Network share added
  • Network share read
Local Account Management
  • Local Group Management
  • Local User Management

Audit every user logon actions across the Windows server environment. View reports based on specific actions; with data on Logon failures, logon failures based on users, logon activity based on DC / IP Address, Member Server logon activity, user's last logon and many more reports which are domain specific. A Pie / bar chart summarizes the actions in the selected domain.

To view more on advanced configurations and default audit reports available click here.

To view an Audit Report

  1. Click on Reports Tab > Profile Based Reports > Choose Report.
  2. Select the Domain.
  3. Select the Period (between 1 hr and 23 hours), a custom period can also be defined & saved for easy reference.
  4. A graphical display with detailed events summary lists the audit information for the selected period.
  5. Clicking on an event in the bar graph, filters the report view highlighting only the selected event.
  6. Quick search option can be used for precise filtering.

Filter Attributes in the Profile Based Reports Category

The below filter attributes included but are not limited and are dependent on the audit reports added and the attributes can be added or removed to the reports under the Profile Based Reports category using the Add / Remove Columns link.

{Source Computer, Terminated Time, Message, Workstation Name, Logon Type, Logon Duration, Remarks, Client Host Name, Client IP Address, Radius Client IP Address, Radius Client Host Name, Event Type, Logoff Time, Logon Time, When, User Name, CALLER PROCESS NAME, Domain}

Copyright © 2022, ZOHO Corp. All Rights Reserved.
Get download link