View and Track BeyondTrust Vault Activity

Reporting is available to track account and representative activity. Specifically, report administrators and users can view and track information about the following:

  • Check in and check out
  • Password rotations and changes

Screenshot of the /login header highlighting Reports > Vault.

To run reports, go to Reports > Vault in the /login interface. The following report parameters are available for selection:

Screenshot of the Vault Reporting section in /login.

  • Date Range: View all events occurring within a specific date range.
  • Account: View all events associated with a specific domain or local account.
  • Representative: View all events involving a specific representative.

Make your selections and click Show Report.

The report will provide the following information:

Screenshot of Vault reporting data.

  • Timestamp: The date and time the event occurred.
  • Account: The account name used with the event.
  • Event Type: The type of event which occurred, such as a check in, check out, or password change.
  • User: The user or representative who triggered the event.

Events are logged in order to generate reports, and these logs are saved for 90 days.

Non-administrative users may experience a more limited /login user experience, depending on the access granted to them by their administrator. For example, a Vault user with limited permissions may potentially see only the Accounts, Vault, and Reports > Vault tabs.

If a user has been anonymized in an effort to follow compliance standards, the Vault Account Activity report may display pseudonyms for user data or may indicate information has been deleted. To learn more about data anonymization and deletion for compliance efforts, please see Compliance: Anonymize Data to Meet Compliance Standards.

For more information, please see Vault: Report on Vault Account and Rep Activity.