This document provides information about the Unauthorized executions screen, which displays records of actions executed by users that violated established access or privilege policies on Windows systems.
Access path
- On Segura® Platform, in the navigation bar, hover over the Products menu and select EPM.
- In the side menu, select Reports > Windows > Unauthorized executions.
Actions menu
| Item | Type | Description |
|---|---|---|
| Actions | Dropdown menu | Displays the options Print report, Export CSV, and Schedule report. |
Search fields
| Item | Type | Description |
|---|---|---|
| Application type | Dropdown menu | Filters records by the application type. Clear the field to enable the All option. |
| Hostname | Text field | Filters records by the hostname. |
| User | Text field | Filters records by the username. |
| Domain | Text field | Filters records by the domain name. |
| Date | Date picker | Filters records by the occurrence period. |
Report fields
- Hostname.
- User.
- Domain.
- Client OS: displays the operating system installed on the device.
- Application type.
- Application: displays the path and name of the executed application.
- Event type: displays the registered event.
- Date/Time: displays the date and time of the occurrence.
- Actions:
- Event Data: open the Event details screen.
Info
By default, the report displays 30 records per screen. To go to the next screen, click the forward buttons at the end of the report.