1. Home
  2. Docs
  3. LDS Edition Administrator’s Guide
  4. DigitalPersona Reports

DigitalPersona Reports

About Reported events

Once DigitalPersona Reports has been setup and configured, all events generated by DigitalPersona clients will be forwarded to a designated Collector computer via the Windows Event Forwarding mechanism.

The DigitalPersona Report Event import task, which runs every fifteen minutes on the hour, parses the forwarded events and writes them to a SQL database. Events can then be viewed through the DigitalPersona Reports web console.

Activity events are logged whenever a designated activity occurs on a DigitalPersona client. For a complete listing and description of all events, see the chapter “DigitalPersona Events”.

There are some events that are not automatically written to the local Windows Event log. Logging of these events requires additional configuration through selection of the Log Status Events checkbox of the Level of detail in event logs GPO setting. These events provide information about the state of various policies and components on client computers. The interval at which status events are reported can also be configured through the GPO. Logging status events at small time intervals may consume system resources and fill up your Forwarded Events log very quickly.

All logged DigitalPersona client events are written to the local Windows Event Log with a root name of “DigitalPersona > Altus.” The channel name includes the name of the component that logs the events. Currently, the following Component names are defined:

Component name Description
CoreA general log for all DigitalPersona component events not assigned to a more specific channel.
Logon User logon/logoff and lock/unlock events.
Password Manager Managed logon events created by the use of the Password Manager application.

Future components may provide their own channel names, creating a separate Component log under “DigitalPersona>Altus.”

Currently, all the events are written into the “Operational” log under the Component folder.

Event logging happens on the client workstation/kiosk whether or not event forwarding to the Collector computer has been enabled and set up. If the DigitalPersona Reports Event Forwarding setting has been enabled, then events are forwarded to the “Forwarded Events Log” folder on the computer where DigitalPersona Reports is installed. The events are logged in the Event Viewer > Windows Log > Forwarded Events folder.

Setting up DigitalPersona Reports

If installing on Windows Server 2012 R2, ensure that .NET 3.5 has been previously installed.

Setting up DigitalPersona Reports, consists of the following high-level tasks. Each task is described in more detail in the following sections.

  • Install and configure DigitalPersona Reports.
  • Configure Active Directory GPO settings for event
  • Enable JavaScript in the web browser used to access the DigitalPersona Reports web (In Internet Explorer, this setting is called “Active Scripting.”)

Install and configure DigitalPersona Reports

Requirements

DigitalPersona Reports should be installed on a computer that is a member of the domain and meets the following requirements.

  •  The computer is not a domain controller.
  • It is running Windows Server 2008/2012/2012 R2 (32/64-bit)
  • The computer name must not include underscores, for example

Installation on a computer that also hosts a DigitalPersona Server is not recommended.

Upgrading DigitalPersona Reports

When upgrading from a previous version of DigitalPersona Reports, you should deactivate or unlink all GPOs that have been applied to DigitalPersona Reports before upgrading. You should do this regardless of whether you are installing over the previous installation or uninstalling the previous version before installing the newer version. After installation, reactivate the GPOs.

  • Deactivate/unlink Reports GPOs
  • Run gpupdate /force
  • Reboot system
  • Install new version
  • Activate/link Reports GPOs
  • Run gpupdate /force
  • Reboot system

Installation

The installation file for DigitalPersona Reports is located in the DigitalPersona Reports directory of your DigitalPersona product package. Be sure to check the included readme.txt file for any updated information prior to installing DigitalPersona Reports.

  • Start the installation wizard by launching exe.
  • Follow the onscreen
    1. You will be prompted to either use an existing SQL Server 2008 instance (if no other instances of SQL Server RTM, R2 SP1, Express RTM or R2 SP1 Express are detected), or to install SQL Server 2008 R2 Express Edition. Select the appropriate choice for your environment.
    2. A prompt will display asking you to install Internet Information Services (if not previously installed) and SQL Server 2008 R2 Express SP2 (if selected in the previous step). Click Install.
    3. Reboot when prompted to do so. Installation will resume after the reboot.
    4. If you chose to install SQL Server Express Edition in step a. above, follow the onscreen prompts for installation.
    5. The DigitalPersona Reports software will then install.
    6. The installation will place a shortcut to the DigitalPersona Reports web console on your desktop.
    7. On the last page of the wizard, click Finish.

Reports Server Configuration

The Reports Server Configuration Tool is launched automatically after the installation of DigitalPersona Reports finishes.

The Reports Server Configuration Tool provides a central place to

  • Connect to the SQL server (existing or newly installed)
  • Create or upgrade databases (Altus_Events” for collecting events, and Altus_Reports for reporting que- ries and mailing subscriptions)
  • Configure web services to use those databases
  • Setup mailing configuration to enable sending reports by e-mail

Configure Active Directory GPO settings

In Active Directory Users and Computers

  1. Configure Active As a best practice, DigitalPersona Reports and DigitalPersona clients should be located in separate OUs linked with an appropriate policy.
  2. On the domain controller, make the “NT AUTHORITY/Network Service” built-in account a member of theEventLogReaders group. This will allow WinRM to read event logs.
    • In ADUC, navigate to <yourdomain>\Builtin\Event Log Readers.
    • Right-click on Event Log Readers and select Properties from the shortcut menu. Then select the Members tab.
    • Select NETWORK SERVICE and click Add.

Import GPOs from GPO backup

  1. Using the following steps to create new empty GPOs and give them meaningful names such as:
      • Enable WinRM
      • Enable DigitalPersona Event Forwarding
      • Enable DigitalPersona Audit Event Logging (Optional, sets level of Event reporting to Audit level detail)
      1. Import GPO: right-click on the new GPO and select Import settings to start the Import Settings wizard.
      2. On the Backup Location page, select the DigitalPersona Reports Policies for Importing folder described above.
      3. On the Source GPO page, choose the corresponding DigitalPersona GPOs and proceed to the end of the wizard.
      4. On the Scanning Backup page, click On the final page, click Finish to close the wizard.
      5. In the GPO, check the Settings tab to make sure that the settings were imported.
  1. Repeat steps a through e for each DigitalPersona GPO listed at the beginning of step 1.
  2. Configure the target Subscription Manager
    1. Navigate to Computer Configuration, Policies, Administrative Templates, Windows Components, Event Forwarding.
    2. Right-click on the Enable DigitalPersona Event Forwarding GPO created above, and then double-click on the Configure target Subscription Manager setting.
    3. In the Configure target Subscription Manager window, click Show. Then, in the Show Contents window, replace company.com with the appropriate Fully-Qualified Domain Name (FQDN) of the DigitalPersona Reports computer.Example:
      Default string – Server=http://ReporterPC.Company.com:5985/wsman/SubscriptionManager/WEC,Refresh=10Updated string – Server=http://computer_name.domain.com:5985/WSman/SubscriptionManager/WEC,Refresh=10
  3. Link the GPO to the corresponding OU (or setup Security Filtering):
    1. Apply these GPOs to all OUs with reporting workstations and all OUs with reporting
      • Enable WinRM
      • Enable DigitalPersona Event Forwarding
      • Enable DigitalPersona Audit Event Logging GPO (Optional, for audit-level detailed event reporting)
    2. Apply this GPO to DigitalPersona Reports
      • Enable WinRM
  4. After the GPOs are applied,
    1. Verify the following on reporting workstations, kiosks and on the DigitalPersona Reports The Windows Remote Management service is running.
    2. Verify the following on reporting workstations and

The Event Forwarding service is running and events are appearing in the Forwarded Events event log.

See the Troubleshooting steps topic at the end of this chapter if you experience problems with the Event forwarding setup.

Web console features

The DigitalPersona Reports web console allows you to generate, view and schedule reports based on the activity and status events generated by DigitalPersona clients.

Reports can be created ad hoc for specific one-time needs, or scheduled (subscribed to) for email delivery on a regular timetable.

The URL for accessing the DigitalPersona Reports web console (after initial installation and configuration) is DigitalPersona Reports also provides a powerful assortment of pre-configured templates for quickly and easily creating various types of reports as shown in the illustration below, including HIPAA, PCI and SOX compliant reports.

https://<hostname>/Dashboard/Reports

The DigitalPersona Reports web console supports the following web browsers.

  • Internet Explorer
  • Google Chrome
  • Mozilla Firefox

See the readme.txt file within the DigitalPersona Reports folder of your product package for a current list of supported browser versions.

Note that when creating or editing reports, you must click the Save or Run Now buttons to save any new or modified information.

Creating a report

To create a new report

  1. On the main DigitalPersona Reports page, click a report type under one of the listed
  2. Within the report type, select a pre-defined report template.
  3. By default, the report name and description are prepopulated with the given template name and Click on the name or description to use your own name and/or description for the report.
  4. Select from the available parameters to build the query for your report. Parameters will vary for different reports.
  5. In the image above, the End Date would be the last date you want included in the report. Select from the Limit Data by dropdown to indicate how far back you would like to report data from, i.e. an End Date of today and a Limit Data by selection of “End Date – 1 day” would give you data from the beginning of yesterday (00”00”00) to the current time When scheduling a report, you will enter the date ranges to be used for the subscriptions.
  6. (Optional) To report on data for all DigitalPersona managed computers, leave the Computer name field blank. To report on data for a single DigitalPersona managed computer, enter the computer
  7. To run the report, click Run now.

Note that data entered in the fields on this form is not automatically saved as you move from field to field. If you close a tab or browser window before Saving or Running a report your data will be lost.

Creating a new subscription

A subscription is a way of automatically running a report on a regular basis. Subscriptions can be created from one or more reports that are then scheduled to be run at regular intervals. They may be created either during the initial definition of the report, or later, by opening a report and clicking one of the links available to create a new subscription or to add the report to an existing subscription.

To create a new subscription from a report

  1. From the previously created report’s page, click Create a new subscription (see previous image).
  2. Enter a name for the subscription and (optionally) a description. Then click Create.
  3. Enter the email address that you want the report to be sent to. You can also enter multiple email addresses, separated by
  4. Enter a subject for the email that recipients will receive when they get the semicolons.
  5. By default, the subscription is enabled. To disable the subscription, i.e. stop the report from running, deselect the Enabled checkbox.
  6. Enter the beginning date and time and the ending date for the The report(s) in this subscription will be run beginning on the From date and time until the To date.
  7. Configure the following parameters used to determine how often the report(s) are to be run.
    • By default, the report(s) will be run daily during the time period selected in step 6 above. Click one of the following links to specify more advanced parameters.
    • Specific months – To run only in specified months, deselect any months (during the dates entered in steps 6) when the report should not be run.
    • Specific weeks – To run only during specified weeks within those months selected, deselect any weeks (during the dates entered in steps 6) when the report should not be run.
    • Specific week days– To run only during specified days of the week within those weeks selected, deselect any week days (during the dates entered in steps 6) when the report should not be run.
  8. For example, to run the report for a year, at 8 am on the first Monday in March, deselect all months except March, select 1st for Specific weeks and deselect all days except Monday.
  9. Click the Reporting Tools tab to return to the main DigitalPersona Reports page. Your new subscription will be listed under My subscriptions.

Adding a report to an existing subscription

To add a report to an existing subscription

  1. From the main DigitalPersona Reports page, click the report that you want to add.
  2. Click add report to an existing subscription.
  3. Select the subscription that you want to add the report
  4. The report will be added to the selected subscription.

Editing a subscription

To edit a subscription

  1. From the main DigitalPersona Reports page, click the subscription you want to revise.
  2. Click one of the reports in the subscription to edit the query details.
  3. Revise subscription details as required. Changes are saved automatically.

Bookmarking a report

To bookmark a report

  • On the main DigitalPersona Reports page, hover over the name of the report.
  • Click the bookmark icon.

Deleting a report or subscription

To delete a report

  • On the main DigitalPersona Reports page, hover over the name of the report or subscription. Click the X that displays to the right of the report or subscription

Troubleshooting steps

If you are having trouble getting DigitalPersona Reports to function properly, please check the following items.

  1. Is the Windows Remote Management service running on both the DigitalPersona Reports and DigitalPersona client machines?
  2. Is the Windows Event Collector service running on the DigitalPersona Reports machine?
  3. Are there any errors in the “Microsoft/Windows\EventCollector” or in the “Microsoft\Windows/Eventlog- ForwardingPlugin” event logs?
  4. Are there any events in the “Forwarded Events” channel on the DigitalPersona Reports machine?
  5. Is there an “Reports event import” task in the Windows Task Scheduler, and can you confirm that it executes periodically by looking in the task History tab?
  6. Do you see a “ForwardedEvent.bookmark” file created in the “%ProgramFiles%\DigitalPersona\bin\” folder?