This document provides information about the Occurrences by credential report screen, which displays a ranking of sessions based on audited commands executed and the credentials used.
Path to access
- On Segura®, in the navigation bar, hover over the Products menu and select User Behavior.
- In the side menu, select Audited command logs > Occurrences by credential.
Actions menu
| Item | Type | Description |
|---|---|---|
| Actions | Dropdown menu | Displays the options Print report, Export CSV, and Schedule report. |
Search fields
| Item | Type | Description |
|---|---|---|
| Command | Dropdown menu | Filters commands by their name. |
| Action of session | Dropdown menu | Filters commands by the action executed according to the audited command record. The available options are Allow, Lock, Interrupt, and Force. Clear the field to enable the All option. |
| Remote device | Text field | Filters commands by the command’s target-device. |
| Credential | Text field | Filters commands by the credential used. |
| Session start | Date picker | Filters commands by the session date. Use this field to enter the start date of the period. |
Report fields
- Command.
- Action during session.
- Remote device.
- Credential.
- Sessions: number of sessions in which this command was executed.
- Actions:
- View credential history: opens the Sessions with occurrences detected screen.
Info
By default, the report displays 30 records per screen. To go to the next screen, click the forward buttons at the end of the report.