You are here: Reference > Console > Web application > Reporting

Reporting

UserLock reports allow you to leverage the user session activity and multi-factor authentication data stored in the database.

You can access this section by clicking on the Reporting icon icon in the application menu.
The sub-menu allows you to navigate between the different reports available.

List of reports

Event Timeline: list of all events in chronological order
Session History: list of all user session events from protected machines of your network.
Concurrent Session History: list of all users who have opened sessions concurrently on the same day.
Single Sign-On events: list of all login/logout events associated with SaaS sessions.
Wi-Fi session history: list of all events associated with Wi-Fi sessions with duration and amount of data sent and received.
VPN Session History: list of all events associated with VPN sessions with the duration and amount of data sent and received.
IIS Session History: list of all events associated with sessions on web applications hosted on an IIS server protected by UserLock.
MFA event reports: list of failed MFAs, cancelled MFAs, help requests made, etc.
Denied Connections: list of connections denied by Active Directory and UserLock, based on configured access rules
Working hours reports: daily, weekly or monthly logging of your network users' connection hours, and per-user logging of connection hours outside of authorized working hours.
User status changes: lists status changes related to the configuration made in the server properties of the desktop console.

Administrator Action Report

When a UserLock administrator initiates an action on a session or machine, a record of that activity is kept in the database. The new UserLock web application is now enriched with new reports allowing you to view all these activities to better control the activity of your administrators.

For each action triggered, you will be able to see :

The date, time and duration of the execution
The type of action triggered
The targets targeted by the action (machines or sessions)
The administrator who triggered the action
The results of the action

In a future version of UserLock, we plan to enrich this report with additional filters specifically to show all administrator actions, including:

Actions on users
Modifications of server properties
Modifications of server properties

This will allow you to have a clear history of all your administrators' activities on UserLock.

Composition of a report

Most of the reports in the UserLock web application consist of statistics, graphs, and a table of data. Each report can be filtered on a specific time period and on all the columns that compose it.

Time period

The time period can be easily changed using the control at the top of the reports:

Time period

By clicking on it, a sub-menu appears, allowing you to select the dates and times of the period you want. You can also use the predefined periods on the left of the submenu.

Time period - Calendar

By clicking on the "Apply" button, you can refresh the report with the new filter.

Filters

To obtain more accurate data, you can apply filters to all the columns that make up a report.

To open the filters panel, click on the following button: Filters

Once the filters panel is open, select the field you want to filter, the type of search you want, and enter or select the value.

Session type

To apply more than one, click on the button Add

To delete a filter, click on the button Remove

You can also choose whether at least one or all conditions should be applied: Filter condition

By clicking on the "Apply" button, the report is refreshed.

Columns

Table columns can be displayed/hidden using the column selector, available by clicking on the "Columns" button at the top right of the table.

You can also group data using the drop-down list next to the same button.

Column chooser

Export

The UserLock web console (v12 or higher) allows you to export all reports in PDF, Excel and CSV format.

To export a report, click on the Export button Export then select the desired format from the drop-down list that appears.

A window will open, allowing you to choose whether to export all the records in the report, or only those displayed on the page.

Export options

After selecting the desired option and clicking the OK button, a notification will appear in the top right-hand corner to indicate that the export is in progress. Once the export is complete, a "Download" button will appear in this notification allowing you to retrieve the file:

Export complete

The files are generated in the %programData%\UserLock\Exports directory of the UserLock server and are deleted once the user clicks the Download button.

Scheduling reports

Reports are not yet schedulable from the web application. This feature will be available in the next release.

Default report configuration

When a report is opened, it is automatically generated for the configured default period (7 days). Depending on the number and type of events in your database, the loading time when a report is opened may be long.

If you notice this, we advise you to configure the settings in the "Report settings" section of the UserLock options, accessible from the general menu icon.

Default period: 7 days by default. Setting a smaller number of days will effectively reduce loading time.
Exclude session types: Depending on your environment, some session types may generate a high number of events, such as IIS sessions. If you feel that these session types are not important in your reports, you can automatically exclude them for each report. However, you can display them at any time by changing the report filter if you need them from time to time.