Policy Server Guides › Policy Server Management Guide › SiteMinder Reports › How to View Sample Reports Using Crystal Reports › Intrusion Reports

Intrusion Reports

Intrusion reports have a drill-down feature that allows you to view data at different levels of granularity. These reports begin with an initial page that summarizes the data in the report. Clicking on an item in the initial page, such as a date, user, or Agent, enables you to view more detailed information. For example, if you click on a date, you will see that day’s events by hour. Clicking on an hour reveals details about that hour’s events.

Note: The drill-down feature is not available on Unix-based browsers. To use this feature, view reports using a Windows-based browser.

There are three types of sample Intrusion Reports:

• All Failed Authentication and Authorization Attempts—Covers all failed user authentication, authorization, and administration attempts by date and time. You can select a date in the initial screen to view more information about intrusions that occurred that day.
• Failed Authentication and Authorization Attempts by User—Covers all failed user authentication and authorization attempts by user. Initially, this report lists users who unsuccessfully attempted to access a resource, and the number of failed attempts. You can click on a user to view more details about the attempts.
• Failed Authentication and Authorization Attempts by Agent—Covers all failed user authentication and authorization attempts by Agent. Initially, this report lists the Agent and the number of failed attempts. You can click on an Agent to view more details about the attempts.

In Intrusion reports, denials and failures are indicated in red text.