Predefined Templates
Ivanti provides a set of predefined templates used by the Log Explorer, based on commonly used audit queries.
You can use the following predefined templates:
| Template Name | Shows | Prerequisite |
|---|---|---|
| Audit by Administrator 'adm' | All actions performed by a specific administrator. | You must change the adm user to an actual administrator in the Template Settings dialog. The result is classified by user. |
| Audit for PC xyz | Audit trace for a specific computer. | You must change the xyz computer to an actual computer name in the Template Settings dialog. |
| Audit for user 'abcd' | Audit trace for a specific user. | You must change the abcd user to an actual computer name in the Template Settings dialog. |
| Audit today | Daily audit trace. | No action is required. |
| CD-DVD in use this month | Monthly DVD/CD usage. | You must enable the Device Log option. |
| Copy limit met this week | Weekly copy limit rules that have been met or exceeded. | You must define a Copy Limit rule. |
| Denied device acc. this week | Weekly list of device access denials. | You must enable the Device Log option. |
| Devices connected this month | Monthly list of device connections. | You must enable the Device Log option. |
| Devices denied/user this month | Monthly list of denied device access classified by user. | You must enable the Device Log option. |
| Devices often used this month | Monthly list of devices used most often. | You must enable the Device Log option. |
| Everything today | Everything that happened today. | No action is required. |
| Files DVD/CD->PC/user this month | Monthly list of all files transferred from DVD/CDs to PCs classified by user. | You must define a Shadow rule. |
| Files Floppy->PC/user this month | Monthly list of all files transferred from floppy disks to PCs classified by user. | You must define a Shadow rule. |
| Hardening violations this month | All client hardening violations detected this month. | You must first configure the Client Hardening option. |
| Keylogger this week | All key logging violations and intrusions detected this week. | You must first configure the USB Key Logger option. |
| Medium Encrypted by User | All media encrypted by users. | You must define permissions for removable devices. |
| Medium Encrypted this month | Monthly list of all media encrypted by users. | You must define permissions for removable devices. |
| PC->DVD/user this month | Write granted by DVD/CD device, PC, and user for the month. | You must enable the Device Log option. |
| PC->Floppy/user this month | Write granted by floppy disk device, PC, and user for the month. | You must enable the Device Log option. |
| PC->Remove/user this month | Read granted by removable storage device, PC, and user for the month. | You must enable the Device Log option. |
| Remove->PC/user this month | All read operations from removable storage devices for the month, classified by user. | You must define a Shadow rule. |
| Shadow by file type for this month | A shadow copy of the file name or the entire file. for all files copied for the month. classified by file type. | You must define a Shadow rule. |
| Shadow by user per month | A shadow copy of the file name or the entire file. for all files copied for the month. classified by user. | You must define a Shadow rule. |
| Shadow exp by size dsc this month | A shadow copy of the file name or the entire file, for all files copied to an external device for the month, classified by size. | You must define a Shadow rule. |
| Shadow files >10 MB this month | A shadow copy of the file name or the entire file. for all files copied to an external device larger than 10 MB. for the month. | You must define a Shadow rule. |
| Shadow imp by size dsc this month | A shadow copy of the file name or the entire file. for all files copied from an external device for the month. classified by size. | You must define a Shadow rule. |
| Shadow mp3. mp4 by user | A shadow copy of the file name or the entire file. for all music and video files copied for the day. classified by user. | You must define a Shadow rule. |
| Shadowing today | A shadow copy of the file name or the entire file, for all files copied for the day. | You must define a Shadow rule. |
| Users denied device this week | All device permissions denied by user for the week. | You must enable the Device Log option. |