About reports
Applies To: Forefront Client Security
Client Security provides many types of reports to help you monitor your organization's security status. Many of these reports come in both standard and history versions. The standard versions use 24-hour, 48-hour, and 72-hour time spans, whereas the history versions provide a more broadly configurable time span but do not contain data from the most recent day.
Client Security doesn't support custom reports or command-line operations that query for information and statistics.
The following table lists reports available on the reporting Web server. In addition, each of the summary reports are accessible from links on the dashboard. For more information, see Using dashboard summary reports.
Report type | Describes |
---|---|
Alerts History and Summary |
Alerts reported during a configurable time span, including a breakdown of alerts reported per day during the time span. For this report, an alert is a MOM alert raised by a specific client computer during the time span. MOM may consolidate alerts from many computers into one alert, but in these reports, Client Security splits consolidated alerts into separate alerts. |
Alert Detail and Detail History |
A specific alert, including:
|
Alert Instance Detail and History Detail |
A specific instance of an alert, including:
|
Computer Detail and Detail History |
Specific client computers, including:
|
Computers History and Summary |
The number of managed computers requiring attention for various issues, during a configurable time span. These reports show data for all managed computers in the Client Security deployment, provided that the MOM agent is operating correctly. Inclusion of a computer in these reports is not dependent on whether the Client Security antimalware or SSA services are installed. |
Connectivity Summary |
How recently computers have contacted the Client Security collection server. |
Deployment Summary |
Status of deployment of policies, spyware definitions, virus definitions, and Client Security client engine. Note For the status of definition and engine deployments, Client Security generates this report with the assumption that the newest version reported by clients is the current version. If a user manually updates one of these components with a version newer than you have approved in WSUS, all other clients on this report appear to have out-of-date versions. |
Deployment Version Status |
Reporting on five Client Security components, as reflected in the following five reports:
These reports provide information about the version of the applicable component on each managed computer. By default, the data are grouped by computer. |
Malware Detail and Detail History |
Specific malware detected during a configurable time span. |
Malware History and Summary |
All malware detected during a configurable time span. |
Malware Instance Detail |
A specific instance of malware. |
Security State Assessment History and Summary |
Vulnerabilities found during a configurable time span. The summary report presents the results of the most recent SSA scan. The historical report presents the most severe result for each possible vulnerability detected during the report time span. |
Security Summary |
The security state of the managed computers protected by Client Security, including the following:
|
Vulnerability Detail and Detail History |
A specific vulnerability detected during a configurable time span. |
Vulnerability Instance Detail |
A specific instance of a vulnerability. |
The following table lists reports accessible under Issues on the Client Security console. For more information, see Interpreting dashboard data.
Report | Describes |
---|---|
Malware detected (Computers Having Malware Issues) |
Computers on which Client Security found malware during the last 24, 48, or 72 hours. |
Vulnerability detected (Computers Having Critical Vulnerability Issues) |
Computers on which Client Security found critical vulnerabilities during the last 24, 48, or 72 hours. |
Out-of-date policy detected (Computers Having Policy Deployment Issues) |
Computers to which Client Security has failed to deploy policies during the last 24, 48, or 72 hours. |
Alerts detected (Computers Having Alert Issues) |
Computers for which an alert was issued during the last 24, 48, or 72 hours. |