1 2 3 Previous Next 63 Replies Latest reply on Aug 29, 2010 6:39 PM by peter_eepc

    Endpoint Encryption Reporting Tool

      For some reason whoever set up EEM decided to assign groups to the machines, instead of individual users, and I do not have a way to get a report on which user logged in to what machine.

       

      When I run the report for users assigned to machines, I get a report with all users of the group assigned to all computers on the group, which is not helpful at all.

       

      I need to be able to add columns to the reports.

       

      I want to run the users last log on date report and want to add a colum with the machine so that I know what machine they were logged on. Is that possible, and how would I do that ?

        • 1. Re: Endpoint Encryption Reporting Tool
          When I run the report for users assigned to machines, I get a report with all users of the group assigned to all computers on the group, which is not helpful at all.

           

          But that's what the situation is? If you assigned a group of users to a group of PCs, then each user in the user group is assigned to each machine in the machine group?

           

          I want to run the users last log on date report and want to add a colum with the machine so that I know what machine they were logged on. Is that possible, and how would I do that ?

           

          You probably need to dump the machine audit "logon" events then if you want to know who is using which machines - the dumpmachineaudit command of sbadmcl will give you that data.

          1 of 1 people found this helpful
          • 2. Re: Endpoint Encryption Reporting Tool

            I know, is the way is configured.  I am in the process of changing that, but it will take some time.

             

            can you poing me in the direction of the location of the command line doc....

            • 3. Re: Endpoint Encryption Reporting Tool

              it's in the "documents" directory of the distribution media, and usually under the Tools directory in the startup menu/documents etc. "Scripting Tool" I think is the name.

              1 of 1 people found this helpful
              • 4. Re: Endpoint Encryption Reporting Tool

                Ok, this is what I found. I am still not sure how to run it

                 

                Example:

                <SafeBoot>

                <SbAdminScripting>

                <SbAdminConnection>

                <ConnectionType>Transient</ConnectionType>

                <Database>SafeBoot Admin Database</Database>

                <AuthType>UserNamePassword</AuthType>

                <AdminUser>SbAdmin</AdminUser>

                <AdminPwd>12345</AdminPwd>

                </SbAdminConnection>

                <SbAdminCommand>

                <Command>DumpMachineAudit</Command>

                <Group>*</Group>

                <File>DumpMachineAudit.txt</File>

                </SbAdminCommand>

                </SbAdminScripting>

                </SafeBoot>

                • 5. Re: Endpoint Encryption Reporting Tool

                  Example:

                  <SafeBoot>

                  <SbAdminScripting>

                  <SbAdminConnection>

                  <ConnectionType>Transient</ConnectionType>

                  <Database>SafeBoot Admin Database</Database>

                  <AuthType>UserNamePassword</AuthType>

                  <AdminUser>SanchezM</AdminUser>

                  <AdminPwd>*********</AdminPwd>

                  </SbAdminConnection>

                  <SbAdminCommand>

                  <Command>DumpMachineAudit</Command>

                  <Group>Internal Audit</Group>

                  <File>DumpMachineAudit-Internal Audit.txt</File>

                  </SbAdminCommand>

                  </SbAdminScripting>

                  </SafeBoot>

                  • 6. Re: Endpoint Encryption Reporting Tool

                    Instead run "Machines Event Audit Report", select machine group and filter user login events. You can also filter from which dates you want to see results.

                    • 7. Re: Endpoint Encryption Reporting Tool

                      Still does not give yoy the user that logged on.

                       

                      100000150PC177780x02000001Logon attempt6/11/2010 8:05:23 AM
                      20000005cPC151350x02000001Logon attempt6/11/2010 8:03:41 AM
                      300000117PC172510x02000001Logon attempt6/11/2010 7:59:39 AM
                      40000005bPC172440x02000001Logon attempt6/11/2010 7:27:33 AM
                      50000010dPC172460x02000001Logon attempt6/11/2010 7:04:00 AM
                      600000112PC172490x02000001Logon attempt6/11/2010 7:03:37 AM

                      • 8. Re: Endpoint Encryption Reporting Tool

                        That is why I was asking if you can customize this reports to add the user colum.

                        • 9. Re: Endpoint Encryption Reporting Tool

                          you can't customize the canned reports, or make your own - it just does what it does.

                           

                          To get to the raw data, use SBADMCL..

                           

                          as to how to use sbadmcl,

                           

                          just type "sbadmcl -help -command:dumpmachineaudit" at a command prompt.

                           

                          you'll need to always submit an id and password using the tags "-adminuser:username -adminpwd:password" for each of the commands.

                           

                          type "sbadmcl -help" for a full list of commands.

                           

                           

                          Message was edited by: SafeBoot on 6/11/10 10:50:16 AM EDT
                          1 2 3 Previous Next