User Audit Templates

User Audit templates capture all actions initiated by a user on MOVEit DMZ and Ipswitch Analytics, which can be used to demonstrate regulatory compliance. These templates shows who accessed the system, what they did, and when. These templates do not include system actions, only actions initiated by a user. Note: MOVEit Central file operations are not captured in User Audit reports because tasks are not user-initiated actions.

Note: If a user logs in to Ipswitch Analytics using multiple machines, browsers, or browser tabs, each login will be recorded separately.

Note: Only Administrators and System Administrators can access User Audit templates.

Template Name	Description	Summary or Detailed	Fields
Login Summary	Shows total number of successful and failed logins.	Summary	Login Success Count Login Failure Count
Daily Login Summary	Shows number of successful and failed logins for each day.	Summary	Login Success Count Login Failure Count Day
Weekly Login Summary	Shows number of successful and failed logins for each week.	Summary	Login Success Count Login Failure Count Week
Monthly Login Summary	Shows number of successful and failed logins for each month.	Summary	Login Success Count Login Failure Count Month
Login Summary By User	Shows number of successful and failed logins for each user.	Summary	Login Success Count Login Failure Count User
Login Summary By Org	Shows number of successful and failed logins for each MOVEit DMZ organization.	Summary	Login Success Count Login Failure Count Organization
User Maintenance Details	Shows actions taken by an administrative user to manage other users (or are initiated by MOVEit Central and affect user provisioning or settings). Possible actions include: MOVEit DMZ: Add User Delete User Change User Privilege Change User Password MOVEit Central: MOVEit Central does not maintain a list of users. Access is managed by the rights granted to Windows users and groups. Most workflow actions occur within the context of a Windows service and are not associated with a user. The system records login and logout to the console application, but does not record the specific user information. Ipswitch Analytics Server: Add User Delete User Change User Privilege Change User Password Note: If users open Ipswitch Analytics in multiple browser windows or tabs, those logins/logouts will each create a separate action.	Detailed	Timestamp User Action Target
Daily / Weekly / Monthly DLP Maintenance Summary	Number of Data Loss Prevention (DLP) maintenance actions performed each day / week / month. DLP maintenance actions include any changes in MOVEit DMZ Settings > Data Loss Prevention (DLP), such as changing the default DLP ruleset for a user class, adding a DLP ruleset, enabling or disabling DLP for an organization, and changing the action that occurs on server error (whether content will be blocked or allowed with "server error" message).	Summary	Day / Week / Month Total Count
Daily / Weekly / Monthly DLP Maintenance by Activity	Number of times each Data Loss Prevention (DLP) maintenance action was performed each day / week / month. See above for examples of DLP maintenance actions.	Summary	Day / Week / Month Action Total Count