View Dashboards and Reports

After all components are installed, and the security is configured, the dashboards and reports can be viewed. The starting point for the reports is ErpSummary, which are found in the BeyondTrust Privilege Management Reports folder.

If you are unsure of the correct URL to use, you can find it in the Reporting Services Configuration Manager under Web Service URL:

Privilege Management report server URL in SSRS.

By default, the web service URL is https://<reportingserver>/ReportServer.

After you navigate to the correct URL, click the BeyondTrust Privilege Management Web directory, and then click the ERP summary report.

Access Privilege Management reports on the report server.

After you navigate to the ERP Summary report, save the address to your browser’s Favorites list.

There are several dashboards in Privilege Management Reporting:

Summary This report provides a summary overview of information that is available to query.
Discovery A collection of reports that display the applications that are new to the database. The information can be used to inform Workstyle updates.
Actions Summarizes audited items categorized by the type of action taken. This allows focusing on the topic of interest. For example, elevation, blocking, etc.
Target Types Summarizes specific application types that have launched and have been audited. This dashboard includes a sub-report All, where all raw application type data can be viewed in a tabular report.
Workstyles Summarizes all Privilege Management Workstyle usage, including coverage statistics. It identifies the top ten Workstyles responsible for various application outcomes, e.g. elevated, blocked, passive audited, or allocated a Custom Token. This dashboard includes a sub report All, in which all raw Workstyle data can be viewed in a tabular report.
Users Summarizes how users have interacted with messages, challenge / response dialog boxes and the shell integration within the specified time range.
Deployments Summarizes Privilege Management Client deployments. The report shows which versions of Privilege Management are currently installed across the organization. It includes asset information about endpoints such as operating system and default language to assist with Workstyle targeting.
Requests Summarizes information about the requests that have been raised over the time frame. A blocked message with a reason entered or a canceled challenge / response message is a request.
Events Summarizes information about the types of events raised over the time frame. It also shows how long it is since the hosts raised an event.
Database Administration Exposes applications creating excess data that floods the database and impacts performance. It allows purging and suppression of application audits when applications are observed to create undesired audits.

The Database Administration dashboard is not available from the Privilege Management Reporting interface.

Reports are available from the root directory if selected during the Reporting Pack installation:

https://<reportingserver>/ReportServer/

  1. Navigate to the root directory in the internet browser address bar and click BeyondTrust Privilege Management.
  2. Click Admin and then click ErpEventsAdmin.
  3. The Database Administration dashboard is displayed.

There are several summary reports for key items common throughout the Dashboards in Privilege Management Reporting. Summary Reports are available anywhere the Information logo i is displayed, by clicking the logo:

  • Application Summary Report: Detailed statistical overview of a unique application.
  • Event Summary Report : Detailed event log style summary of an event instance.
  • User Summary Report: Detailed statistical overview of a user account.
  • Host Summary Report: Detailed statistical overview of a host computer.
  • Workstyle Summary Report: Detailed statistical overview of a Privilege Management Workstyle.

Many charts and tables in the dashboards can be clicked to drill down into more detailed information.

For more information, please see the following: