Working with DB User Rights Reports
-
- Last UpdatedMar 14, 2025
- 2 minute read
User Rights discovery reports list various details regarding rights which have been discovered such as when rights were granted, the user that granted rights, the role of the grantee in the enterprise, objects to which rights have been granted, and much more.
EXAMPLE: Reporting on User Right to Sensitive Data
This example describes how to generate a report that lists details regarding user rights discovered in the network.
- Create an User Rights Discovery report as described in Creating a Report.
- Select the report you just created from the Reports pane. Its details are displayed in the Configuration pane.
- In the Data Scope tab, add the Enrichment Tables Groups Sensitive field by clicking its green arrow
. The Enrichment Tables Groups Sensitive field is moved up to the Enabled Fields pane.
- Click the plus sign (+) next to the field. Its options are displayed.
- Select True.
- In the Data Scope tab, add the Granted Creation Date field by clicking its green arrow
. The Granted Creation Date field is moved up to the Enabled Fields pane.
- Under Operation, select Equals, then click the Schedule icon and select the previous week. This will report on all user rights that were granted in the past week.
- In the Tabular tab, add the following columns:
- Account Name
- Principal Assignee
- Granted Creation Date
- Granted Type
- Object Type
- Under Sorting, select Account Name, and under Sort, select Descending.
Note: You can also configure an aggregation function for the columns. For more information on aggregation functions, see Understanding Aggregation Functions.
- In the upper right-hand side of the window, click
Save.
- In the General Details tab, click Run Report Now. The report is run. Once complete a dialog box opens enabling you to open the generated report.