Dashboards in Privilege Management for Windows

The McAfee ePO integration includes the following dashboards:

  • BeyondTrust Privilege Management: Blocked
  • BeyondTrust Privilege Management: Elevated
  • BeyondTrust Privilege Management: Executed
  • BeyondTrust Privilege Management: Monitoring

To access the dashboards, click on the Dashboards icon and then select one of the Privilege Management for Windows dashboards from the Dashboard dropdown menu. These dashboards show Windows and macOS events.

If you want to add, remove, or amend any of the default monitors for any of the dashboards below, you can do so within McAfee ePO Queries and Reports. We recommend that only advanced McAfee ePO administrators do this. Please refer to McAfee ePO documentation for details on managing dashboards, queries, and reports.

BeyondTrust Privilege Management: Blocked

The BeyondTrust Privilege Management: Blocked dashboard contains all events raised by Privilege Management for Windows relating to applications that were blocked by Privilege Management for Windows policy.

The BeyondTrust Privilege Management: Blocked dashboard includes the following monitors:

  • BeyondTrust Privilege Management: Top 10 Blocked Apps
  • BeyondTrust Privilege Management: Top 10 Blocked by Publisher
  • BeyondTrust Privilege Management: Blocked over Last 7 Days

Each chart element in the monitors can be hovered over to display a count of how many blocked applications make up that element. To view the details of blocked applications for a particular element, click on the element to drill down.

BeyondTrust Privilege Management: Elevated

The BeyondTrustPrivilege Management: Elevated dashboard contains all events raised by Privilege Management for Windows relating to applications that were elevated by Privilege Management for Windows policy. These events include:

  • Auto-Elevated: Applications elevated by Application Privileges policy
  • User-Elevated: Applications elevated by On-Demand shell elevation policy

The BeyondTrust Privilege Management : Elevated dashboard includes the following monitors:

  • BeyondTrust Privilege Management: Top 10 Elevated Apps
  • BeyondTrust Privilege Management: Top 10 Elevated by Publisher
  • BeyondTrust Privilege Management: Elevated over Last 7 Days

Each chart element in the monitors can be hovered over to display a count of how many elevated applications make up that element. To view the details of elevated applications for a particular element, click on the element to drill down.

Privilege Management: Executed

The BeyondTrust Privilege Management: Executed dashboard contains all events raised by Privilege Management for Windows relating to applications that were allowed to execute under Privilege Management for Windows control. These events include:

Auto-Elevated: Applications elevated by Application Privileges policy.

User-Elevated: Applications elevated by On-Demand shell elevation policy.

Passive: Applications granted a passive access token.

Drop-Admin: Applications which have had admin rights removed.

Default-Rights: Applications which have had standard user rights enforced.

Custom-Token: Applications granted a custom created access token.

Admin-required: Applications which require admin rights to run (Privilege Monitoring).

The BeyondTrust Privilege Management: Executed dashboard includes the following monitors:

  • BeyondTrust Privilege Management: Top 10 Executed Apps
  • BeyondTrust Privilege Management: Top 10 Executed by Publisher
  • BeyondTrust Privilege Management: Executed over Last 7 Days

Each chart element in the monitors can be hovered over to display a count of how many executed applications make up that element. To view the details of executed applications for a particular element, click on the element to drill down.

BeyondTrust Privilege Management: Monitoring

The BeyondTrust Privilege Management: Monitoring dashboard contains all events raised by Privilege Management for Windows , relating to applications detected by Privilege Management for Windows , requiring elevated rights to run.

The BeyondTrust Privilege Management: Monitoring dashboard includes the following monitors:

  • BeyondTrust Privilege Management: Top 10 Apps Requiring Elevated Rights
  • BeyondTrust Privilege Management: Top 10 Requiring Elevated Rights by Publisher
  • BeyondTrust Privilege Management: Elevated Rights over Last 7 Days

Each chart element in the monitors can be hovered over to display a count of how many monitored applications make up that element. To view the details of monitored applications for a particular element, click on the element to drill down.