Back to blog

New Feature: Scheduled Reports in Radar for Security & Audit

6 Dec 2017 by Doug Davis

When you’re implementing preventative IT security measures, there are two important practices that can help you identify, investigate and mitigate threats as quickly as possible:

  • Alerting on key events, notifying you when certain actions have taken place.
  • Regular, automated reporting configured for all potential vulnerabilities, including any specific requirements or timescales. This information should be securely distributed to all key stakeholders to ensure that the environment can be carefully monitored.

Both of these steps are relatively straightforward, all they require is some careful forethought, and the right tools for the job. We’re happy to announce that Radar for Security & Audit now provides two features to help you improve your preventative security measures: Alerting (released a few months ago), and Scheduled reports (added to the app this week!).

Scheduled reports are now available for the ‘Audit’ reports in Radar for Security & Audit! The new feature allows you to configure a report for specific audit events and a given timeframe, automate the report to run and distribute to contacts via email. This is a simple way to share crucial audit event information securely across relevant teams within your organization, for any security or administrative needs. Equally, you can set up and schedule these reports to be sent to your own inbox for when you need them, making safeguarding your Office 365 environment that little bit easier.

How to use the new ‘Schedule’ feature
In the Audit Log, at the top of the view amongst the saved filters and alert options, there is now a ‘Schedule’ button.To schedule an audit report, first you’ll need to configure the scope of the report that you want to see. You will need to set the desired time frame, and add any particular audit filters that you would like to apply. Note: if a date range is not specified, you will receive an error.

Here’s an example. In this instance, a 30-day selection has been chosen and the audit report has been filtered down to just ‘Logon Failures’.Once you apply the filters, you will see any results that would normally be shown in this report. Now that the report is displaying the information you need, click on the ‘Schedule’ button. The resulting dialog is shown below, and it’s the same process as scheduling reports in other parts of Radar Reporting, simply enter the relevant information for the report you’re scheduling.Once you’ve filled everything in, click ‘Next’ and choose the schedule you would like. In this case we are doing a monthly report – so it has been set up to be delivered the 1st Monday of the month. Once complete, click on Finish.Once saved, the system will process and send out the reports as scheduled. You can review and edit these in the Saved Reports and Alerts section.Want to start scheduling? If you’re a Radar for Security & Audit customer, simply log in here.

If you’re new to Radar Reporting, and want to see what how advanced Office 365 activity reporting and analytics can help you better protect your environment, why not sign up for a free 14-day trial?