Reports Skip to main content
https://support.okta.com/help/oktaarticledetailpage?childcateg=&id=ka02a0000005uhlsaa&source=documentation&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fdocumentation%2fknowledge_article%2freports-32670902
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Average Rating:
Reports
Published: Jan 31, 2018   -   Updated: May 15, 2018

okta-doc-source

Reports

The Reports page displays report data that details how your end users leverage their Okta accounts. Data includes information such as app usage and access, deprovisioning details, and the exposure of suspicious activity, including OpenID Connect events.

In addition to the generated reports, there are several System Log queries available.

Running Reports

To run any report, click the report name, enter the parameters at the top of the screen, and finally click Run Report. After running a report, click the Download CSV link to obtain a csv version.

Available Reports

The following reports are available from this page.

Okta Usage

The Okta Usage report contains data about who has signed into Okta, how many times and the dates of last login for the past 30 days. When you click on the report, it allows you to specify the range.

Application Usage

The Application Usage report contains data about how much an application is being used by user/group over a specified time range. To run the report, click the report name.

Other reports in this section provide reporting on applications in use as well as important security actions for each.

  • App Password Health

    The App Password Health Report opens a page that allows admins who have the proper permissions to view apps to evaluate their app password health and act on it by asking users to reset their application passwords.

    App Password Health Report Details

    The App Password Health page allows admins who have the proper permissions to view apps to evaluate their app password health and act on it by providing

    • The number of end-users using a given app
    • The elapsed time since the last time you requested a password change for this app
    • Quick communication to end-users from a push of the Ask user to reset button
    • A CSV report to track end-user compliance by showing the latest time an end user logged into an app, and the last time the user updated the app password in Okta

    Not all apps will appear on this page. Only your SWA apps that are active, have at least one user or group assigned to them, and where you selected "User sets username and password" in the app setup, appear in this list.

    Note: In a SWA app in which the user sets the username and password, the last login time and last app password reset are not captured if the user goes directly into the app.

  • SAML Capable Apps

    You can review all your apps to see if you have any opportunities to convert existing SWA apps to SAML. The SAML Capable Apps report opens a page that shows all apps that you can convert from SWA to SAML. The page has a button for each app take you to the app to begin the process.

    Because end users sign in to SAML apps by signing into Okta, app passwords are not required. This reduces this risk of an app being compromised. It's also more convenient for your end users, since they don't need to manage the app passwords.

  • Rogue Accounts Report

    This is an Early Access feature. To enable it, please contact Okta Support.

    The Rogue Accounts report compares assignments in Okta to accounts that exist in a specified app and lists the discrepancies. You can find the accounts that were created directly in the application without going through Okta and correct them to ensure all access to the app is managed through Okta. Once corrected, you will only have to look in one place to see who has access and what type of access for all the applications that you manage.

Auth Troubleshooting

Auth Troubleshooting reports provide links to pre-defined queries in our System Log about the following authentication events:

  • Okta Logins (Total, Failed)
  • SSO Attempts
  • Auths Via AD Agent (Total, Failed)

The Ask Users to Reset Button

When you click the Ask Users to Reset button, users are sent a request to update their passwords for the appropriate app(s). This notification comes in the form of a banner on their Home page, as shown below.

App_Health_Report_1

The banner appears the next time your end-users sign into Okta. Once viewed, end-users can easily remove the banner, and it does not reappear unless another password reset is requested.

The CSV Report Button

Click the CSV report button to download a report that details the users of the app, the last known login to this app, and the last time they updated the app password in Okta. View this report to monitor users who have complied with the request, and those who have yet to change their app passwords.

Note: The values in this report only apply to users who use SSO through Okta to sign into the app. Users who sign into the app directly are not tracked.

The CSV Report of All Password Resets Button

This report is a composite of the Ask users to reset button and the CSV report button.

Applications Access Audit

This is an Early Access feature. To enable it, please contact Okta Support.

The Applications Access Audit section contains the following two reports: Current Assignments and Recent Unassignments..

  • Current Assignments

    The Current Assignments report contains data about how an application is being used over a specified time range. It shows which users are assigned a specified app and all the apps assigned to a specified user. This report is not recommended for apps with more than 50,000 assigned users, as downloading the CSV report may take up to 15 minutes. If you navigate away from the download page, the download stops.

  • Recent Unassignments

    Note: Only visible if any unassigned orgs exist.

    The Recent Unassignments report shows which users were unassigned from an app for a specified period. Enter an app by typing the first letter of the app and then selecting from the list that appears, and then enter the beginning and ending dates for the report. You can only run this report for one app at a time. Downloading the CSV report may take up to 3 minutes. If you navigate away from the download page, the download stops.

Multifactor Authentication

  • MFA Usage

    The MFA Usage report details Multifactor Authentication status and usage. This report shows all the MFA factors in Okta and the usage, by user. A user can have multiple entries in this report, if that user has many MFA factors configured. You can run the report for all users or for a single user. If you do not enter a user, selecting Run Report generates the report for all users.

  • Yubikey Report

    The Yubikey report contains data about user, Yubikey serial number and status for a specified period.

Suspicious Activity

The Suspicious Activity report contains data about suspicious events such as failed logins and locked out users over a specified time range. The report includes information about the time, login (user), client IP (user computer), and type of suspicious event that occurred.

Deprovision Details

The Deprovision Details report contains data about user, application deprovsioned from and resolution over a specified time range.

SMS Usage

The SMS Usage report contains data about domestic and international SMS usage for the org.

 

 

Post a Comment