Predefined Templates, Device Control
Ivanti provides a set of predefined templates used by the Log Explorer, based on commonly used audit queries.
You can use the following predefined templates:
|
Template Name |
Shows |
Prerequisite |
|---|---|---|
|
Audit by Administrator 'adm' |
All actions performed by a specific administrator. |
You must change the adm user to an actual administrator in the Template Settings dialog. The result is classified by user. |
|
Audit for PC xyz |
Audit trace for a specific computer. |
You must change the xyz computer to an actual computer name in the Template Settings dialog. |
|
Audit for user 'abcd' |
Audit trace for a specific user. |
You must change the abcd user to an actual computer name in the Template Settings dialog. |
|
Audit today |
Daily audit trace. |
No action is required. |
|
CD-DVD in use this month |
Monthly DVD/CD usage. |
You must enable the Device Log option. |
|
Copy limit met this week |
Weekly copy limit rules that have been met or exceeded. |
You must define a Copy Limit rule. |
|
Denied device acc. this week |
Weekly list of device access denials. |
You must enable the Device Log option. |
|
Devices connected this month |
Monthly list of device connections. |
You must enable the Device Log option. |
|
Devices denied/user this month |
Monthly list of denied device access classified by user. |
You must enable the Device Log option. |
|
Devices often used this month |
Monthly list of devices used most often. |
You must enable the Device Log option. |
|
Everything today |
Everything that happened today. |
No action is required. |
|
Files DVD/CD->PC/user this month |
Monthly list of all files transferred from DVD/CDs to PCs classified by user. |
You must define a Shadow rule. |
|
Files Floppy->PC/user this month |
Monthly list of all files transferred from floppy disks to PCs classified by user. |
You must define a Shadow rule. |
|
Hardening violations this month |
All client hardening violations detected this month. |
You must first configure the Client Hardening option. |
|
Keylogger this week |
All key logging violations and intrusions detected this week. |
You must first configure the USB Key Logger option. |
|
Medium Encrypted by User |
All media encrypted by users. |
You must define permissions for removable devices. |
|
Medium Encrypted this month |
Monthly list of all media encrypted by users. |
You must define permissions for removable devices. |
|
PC->DVD/user this month |
Write granted by DVD/CD device, PC, and user for the month. |
You must enable the Device Log option. |
|
PC->Floppy/user this month |
Write granted by floppy disk device, PC, and user for the month. |
You must enable the Device Log option. |
|
PC->Remove/user this month |
Read granted by removable storage device, PC, and user for the month. |
You must enable the Device Log option. |
|
Remove->PC/user this month |
All read operations from removable storage devices for the month, classified by user. |
You must define a Shadow rule. |
|
Shadow by file type for this month |
A shadow copy of the file name or the entire file. for all files copied for the month. classified by file type. |
You must define a Shadow rule. |
|
Shadow by user per month |
A shadow copy of the file name or the entire file. for all files copied for the month. classified by user. |
You must define a Shadow rule. |
|
Shadow exp by size dsc this month |
A shadow copy of the file name or the entire file, for all files copied to an external device for the month, classified by size. |
You must define a Shadow rule. |
|
Shadow files >10 MB this month |
A shadow copy of the file name or the entire file. for all files copied to an external device larger than 10 MB. for the month. |
You must define a Shadow rule. |
|
Shadow imp by size dsc this month |
A shadow copy of the file name or the entire file. for all files copied from an external device for the month. classified by size. |
You must define a Shadow rule. |
|
Shadow mp3. mp4 by user |
A shadow copy of the file name or the entire file. for all music and video files copied for the day. classified by user. |
You must define a Shadow rule. |
|
Shadowing today |
A shadow copy of the file name or the entire file, for all files copied for the day. |
You must define a Shadow rule. |
|
Users denied device this week |
All device permissions denied by user for the week. |
You must enable the Device Log option. |