Descriptions of Preconfigured Reports
The Auditing and Reporting module comes with a number of preconfigured reports that allow you to start analyzing data right away. The report templates are .xml files and are installed in %systemdrive%\ProgramData\Globalscape\EFT Server Enterprise\Reports or \EFT Server\Reports. If you plan to edit the default templates, it is a good idea to save a backup of them first. (Note: On Windows Server 2003 and earlier, the files are in ..\Documents and Settings\All Users\Application Data\Globalscape\EFT Enterprise\Reports or \EFT Server\Reports.) You can also use these reports as templates to create your own custom reports.
The preconfigured reports fall into the following categories:
-
Billing: If you need to bill your customers for file transfer services and need to supply accurate reports to customers and for your own invoicing purposes, these reports allow you to query and produce reports based on multiple criteria such as a specific client, a group of clients or all clients, a particular date range, and a specific file or all files transferred for that user.
-
Non-repudiation: If you need to audit transactions throughout their life cycle and determine whether a particular Event occurred and when it occurred, these reports allow you to search for all activity for a specific user for a specific date or to locate a transaction within a date range for auditing purposes, and allow you to show conclusively whether something happened, when it happened, and who was responsible for making it happen.
-
Statistics: Gathering statistical data allows you to take preventive measures (such as scale to meet increasing demand), to establish trends, create general usage reports for stakeholders, and to query and analyze trends and server usage (peak usage times, most active customers, etc.).
-
Technical troubleshooting: Granular auditing of all socket, protocol, authentication, and transaction information allows the administrator to quickly locate and solve problem scenarios.
The preconfigured reports described below are provided with the Auditing and Reporting module. You can run the reports as is or edit them to suit your specific needs.
-
Activity - Ad Hoc(Detailed) - This report displays activity for ad hoc file transfer activity, sorted by date in reverse chronological order. If a user sent multiple files on one e-mail, each file is listed in the report.
-
Activity - Ad Hoc(Summary) - This report displays all ad hoc file transfer activity, grouped by username, and sorted by date in reverse chronological order. If a user sent multiple files on one e-mail, each file is listed in the report.
-
Activity - Ad Hocby File (Detailed) - This report displays all ad hoc file transfer activity for a specified file name, and sorted by date in reverse chronological order. If a user sent multiple files on one e-mail, each file is listed in the report.
-
Activity - Ad HocBy Recipient (Detailed) - This report displays all ad hoc file transfer activity for a specified recipient's e-mail address, and sorted by date in reverse chronological order. If a user sent multiple files on one e-mail, each file is listed in the report. When you click Show Report, the Enter Report Parameters dialog box appears. Provide the entire e-mail address.
-
Activity - Ad Hocby Sender (Detailed) - This report displays all ad hoc file transfer activity for a specified sender's e-mail address, and sorted by date in reverse chronological order. If a user sent multiple files on one e-mail, each file is listed in the report. When you click Show Report, the Enter Report Parameters dialog box appears. Provide the entire e-mail address.
-
Activity - All File Transfers - This report displays all file transfers as server, client, and LAN-copy event. Displays date and time, target path, account, direction, IP address, size in KB, code, and result (success/failure).
-
Activity - All File Transfers (as Server) - This report displays all file transfers as server.
-
Activity - All Groups (Detailed) - This report displays the various Actions performed by all the groups, such as Administrator, All users, and Guests, and it displays Date/Time, Remote IP address, protocol, Action, filename, folder, bytes transferred, and the result.
-
Activity - All Users (Summary) - This report displays the transfer activity (total number of uploads and downloads) for all users who logged on to EFT during the date range specified, grouped by username, subgrouped by date, sorted by username, then transfer direction, and date, in ascending order.
-
Activity - All Users (Detailed) - This report displays all folders and files created and the delete activity for all users who logged on to EFT during a particular period, grouped by username, and sorted in reverse chronological order. The report includes the time stamp, remote IP address of the user, protocol, Action, file name, folder, KB transferred, and the result.
-
Activity - By File - This report displays all the activities related to a specified file, based on wildcard masks, grouped by Site name, subgrouped by matching filename, sorted in chronological order. The report displays the time stamp, user name, remote IP address, and protocol. To generate this report, you have to specify the report parameters, such as .txt to view only txt files or *.* to view all files.
-
Activity - By Group (Detailed) - This report displays the folder and file create and delete activity during a specified period for a specific group, grouped by group name, and sorted by date in reverse chronological order. The report displays the remote IP address, protocol, Action, time stamp, file name, folder, bytes transferred, and result. When you click Show Report, the Report Parameters dialog box appears asking for the group name.
-
Activity - By User (Detailed) - This report displays the folder and file create and delete activity during a specified period for a specific user, grouped by username, and sorted by date in reverse chronological order. When you click Show Report, the Report Parameters dialog box appears asking for the name of the user.
-
Activity - By User (Detailed) - Group by Username-Action - This report displays the folder and file create and delete activity during a specified period for specific users, grouped by username, subgrouped by Action, and sorted by date in reverse chronological order. That is, the report displays all files created under the Created Action and all files that are sent are displayed under the Sent Action. When you click Show Report, the Report Parameters dialog box appears asking for the name of the user.
-
Activity - By User (Summary) - This report displays the transfer activity for specifics users, grouped by username, subgrouped by date, sorted by username, transfer direction, and date, in descending order.
-
Admin Actions - (Requires EFT Enterprise, Advanced Security Module, and ARM) This report displays all EFT administrator activity for the specified range. Columns displayed in the report and available report filters include Date/Time (Timestamp), Function (e.g., User Account, Site, Database Refresh, SMTP Settings), Action (e.g., Created, Enabled, Disconnected, Modified, Started, Renamed), Affected Area (e.g., User Account, Site, Server, Administration), Affected Name (username), ChangeOriginator (administrator username), SiteName (e.g., MySite).
-
Admin Activity (Summary) - This report displays all administrative connections (successes and failures) to EFT.
-
AS2 Transactions Detailed - A verbose AS2 file transfer report that provides the information necessary for troubleshooting problem transactions.
-
AS2 Transactions Overview - A transaction report that displays the same information as shown on the Transfers - AS2 node. The report queries all AS2 transactions for the dates specified, grouped by site, sorted by date, and listed in reverse chronological order.
-
Content Integrity Control - Actions (detailed) - A report showing all Event Rules with CIC actions, grouped by site name, sub-grouped by the user-defined event name, sorted by the unique event ID (not shown) in descending order. Includes Parameters, Begin and End Date\Time, and Result.
-
Event Rules - Actions (Summary) - This report summarizes all Event Rules with their corresponding Actions, grouped by Site name, subgrouped by the user-defined Event name, sorted by the unique Event ID (not shown in report) in descending order.
-
Event Rules - Activity (Detailed) - This report displays the Event Rule activity by user-defined Event name, grouped by Site name, subgrouped by the Event type, sorted by date in reverse chronological order.
-
Event Rules - Activity (Summary) - This report summarizes the Event Rule activity by user-defined Event name, grouped by Site name, sub-grouped by the Event type, sorted by date in reverse chronological order.
-
Event Rules - Inbound-Outbound By Date - This report details all offload and download Actions, grouped by Site subgrouped by Action, sorted by date in reverse chronological order.
-
Event Rules - Inbound-Outbound By User - This report details all offload and download Actions, grouped by Site name, then by remote host IP address, then by username, sorted in reverse chronological order.
-
Executive Summary Report - This report summarizes the following information for the period specified:
-
-
Average transfer speed
-
Total number of downloads, uploads
-
Total bytes transferred (inbound/outbound)
-
Top 5 users (by # of connections)
-
Top 5 users (by bytes transferred)
-
-
Outlook Pick Up Report - This report details Outlook receiving activities, including receipt date, receipt email, sender email, file name, file size, Workspace name, and expiration date.
-
Outlook Send Report - This report details Outlook sending activities, including send date, owner, sender email, recipient email, file name, file size, Workspace name, and expiration date.
-
Security - Failed Logins - This report displays the number of users who could not connect to EFT. It displays the user name, remote IP address, protocol used, date, time, remote IP address, port number, and result.
-
Traffic - Average Transfer Rates by User - This report displays the average transfer rate for specific users, grouped by username, subgrouped by date, sorted by username, transfer direction, and date, in descending order.
-
Traffic - Connections Summary - This report details connections to EFT (IP address or user connections) and bytes transferred by date, grouped by Site name, sorted by date in reverse chronological order.
-
Traffic - Datewise-Hourly Bytes Transferred - This report details the connections and bytes transferred sorted by date and hour, in chronological order.
-
Traffic - Datewise-IPwise bytes transferred - This report displays the connections established by remote IP addresses and total bytes transferred.
-
Traffic - IPwise Connections (Summary) - This report displays the connections established by remote IP addresses and total bytes transferred.
-
Traffic - Monthwise-IP-wise Bytes transferred - This report displays the connections established by various remote IP addresses each month. It displays the Site name, month name, remote IP address, connections, and total bytes transferred.
-
Traffic - Most Active IPs - Connections - This report displays the most active IP addresses; that is, the IP addresses of the users who frequently log on to EFT. It displays the data transferred, Site name, remote IP address, and bytes transferred. This report can be used to determine Denial of Service (DoS) attacks against EFT.
-
Traffic - Most Active IPs - Data Transferred - This report displays the IP addresses of users who log on to EFT frequently; the number of connections established by various users. It displays the information on the total bytes transferred, number of connections, remote IP address, and Site name.
-
Traffic - Most Active Users - Connections - This report displays the connections established by the most active users.
-
Traffic - Most Active Users - Data Transferred - This report displays the usernames of users who log on to EFT frequently, the number of connections established by various users, and number of bytes transferred.
-
Traffic - Protocolwise Connections (Summary) - This report displays the connections established by various users and the protocol used by the users to transfer the data, that is, whether the users have used FTP, HTTP, or any other protocol to upload or download the files.
-
Traffic - Sitewise-Hourly by User - This report displays the total number of connection established by various users on a particular Site each hour.
-
Troubleshooting - Connection Errors - This report displays the number of connection errors occurred while connecting to a site.
-
Troubleshooting - Event Rules Failures - This report displays failures related to the Event Rules.
-
Troubleshooting - IP Address Activity (Detailed) - This report displays the details of the user, the date/Time on which the user logged on EFT; other details such as local port, socket result ID, protocol, password, physical folder name, virtual folder name, and so on are also displayed. To view this report, you must specify the IP address in the Enter Report Parameters dialog box that opens when you click Show Report.
-
Troubleshooting - Operation Errors - This report displays protocol error codes and corresponding commands, sorted in reverse chronological order. The report includes the date and time the error occurred, remote IP address, protocol used, username, command, filename, virtual folder, and result (e.g., transfer completed).
-
Web Service- Invoke Event Rules (Detailed) - This report is used to view activity for invoking Event Rules through Web Service, grouped by username, and sorted by date in reverse chronological order.
-
Workspaces Activity - Shows shared Workspaces invitation activity on EFT for a given period by Site. Displays date, Workspace name, path, owner, action, status, participant, and permission.
(Refer to Winsock Error Codes for a list of Socket ID error codes.)