Reports

Expand all | Collapse all

Kaspersky Security for Microsoft Office 365 allows you to generate protection reports on the activity of the application protection modules in PDF format, or Data Discovery module reports in CSV format.

Reports include statistics analyzed over the period of time during which the corresponding application modules were enabled. The application retrieves no statistics on modules that are disabled.

You can generate an instant report manually or set up a schedule for automatic report generation.

Protection reports

Protection reports cover a period of at least one day, and include the following information:

1. Exchange Online detection overview

   The section contains two charts:

   • The circle diagram provides statistics on the statuses assigned to messages scanned by the application:
     • Clean or allowed. Scanned messages that contain no malicious objects, spam, or phishing links; or messages excluded from scanning.
     • Malware. Messages found to contain malicious objects.
     • Phishing. Messages found to contain phishing links.
     • Spam. Detected spam messages.
     • Mass mail. Detected mass mail messages.
     • Filtered attachments. Messages found to contain files that match the attachment filtering criteria.
     • Denylist. Messages blocked by the Denylist module.
   • The line chart visualizes the detection number progress over the selected period of time. The line chart provides information on the same message statuses as the circle diagram, except for the Clean or allowed scan result.
2. Exchange Online detailed statistics

   A table that breaks down statistical data by time intervals within the specified period. The table provides information on the same message statuses as the circle diagram in the Exchange Online detection overview section described above.

3. Top mailboxes with detected threats

   The five mailboxes or users in which the largest number of messages containing viruses and other malicious objects were detected.

4. Top mailboxes with detected spam or phishing

   The five mailboxes in which the largest number of spam messages and/or messages containing phishing links were detected.

5. OneDrive detection overview

   The section contains a circle diagram providing statistics on the statuses assigned to files scanned by the application:

   • Clean. Scanned files containing no malicious objects.
   • Malware. Files found to contain malicious objects.
6. OneDrive detailed statistics

   A table that breaks down statistical data by time intervals within the specified period. The table provides information on the same statuses of the files as the circle diagram in the OneDrive detection overview section described above.

7. SharePoint Online detection overview

   This section contains a circle diagram providing statistics on the statuses assigned to files scanned by the application:

   • Clean. Scanned files containing no malicious objects.
   • Malware. Files found to contain malicious objects.
8. SharePoint Online detailed statistics

   A table that breaks down statistical data by time intervals within the specified period. The table provides information on the same statuses of the files as the circle diagram in the SharePoint Online detection overview section described above.

Data Discovery reports

Data Discovery reports cover a period of at least one day, and include the following information:

• Detection date

  Date of the threat detection.

• Item date

  Depending on the service where the item was detected, this column displays the following information:

  • The receipt date for incoming messages.
  • The date when the message was sent for outgoing messages.
  • The draft creation date for messages drafts.
  • The date when the OneDrive or SharePoint Online file was uploaded or modified.
• Access level

  This column displays the information about accessibility of the detected item. The values can be as follows:

  • Organization: the item is shared within your organization.
  • Owner: the item is available to its owner only.
  • Global: the item is accessible globally.
  • Unknown: accessibility status of the item is unknown.
• Categories

  Detected item type. The values can be as follows:

  • Credit/Debit Card Number
  • Argentinian Driver's License
  • Argentinian Identity Card
  • Argentinian Passport
  • Argentinian Unique Taxpayer Number
  • Brazilian Driver's License
  • Brazilian Identity Card (RG)
  • Brazilian Individual Taxpayer Registry (CPF)
  • Brazilian Passport
  • Chilean Driver's License
  • Chilean Identity Card
  • Chilean Passport
  • Chilean Unique Taxpayer Number
  • Colombian Driver's License
  • Colombian Identity Card
  • Colombian Passport
  • Colombian Unique Taxpayer Number (NIT)
  • French Driver's License
  • French Identity Card
  • French Passport
  • French Social Security Number
  • German Driver's License
  • German Identity Card
  • German Passport
  • German Residence Permit
  • German Social Insurance Number (SIN)
  • German Tax Identification Number (TIN)
  • Italian Driver's License
  • Italian Identity Card
  • Italian Passport
  • Italian Fiscal Code
  • Mexican Citizen Card (CURP)
  • Mexican Individual Taxpayer Registry (RFC)
  • Mexican Passport
  • Mexican Social Security Number
  • Portuguese Driver's License
  • Portuguese Citizen Card
  • Portuguese Passport
  • Portuguese Social Security Number (NISS)
  • Portuguese Tax Identification Number (NIF)
  • Spanish Identity Card
  • Spanish Passport
  • Spanish National Insurance Number
  • Spanish Unique Taxpayer Reference
  • UK Driving License
  • UK Passport
  • UK Residence Card
  • UK National Insurance Number
  • UK Tax Identification Number (TIN)
  • US Driver's License
  • US Passport
  • US Social Security Number (SSN)
  • US Individual Taxpayer Identification Number (ITIN)
• Cardinality

  General quantity of confidential data within a detected item.

• Detection path

  URL or path to the location where the file was detected; used for OneDrive and SharePoint Online files only.

• From

  Sender of the message; used for Exchange Online messages only.

• To

  Recipient of the message; used for Exchange Online messages only.

• Subject

  Subject of the message; used for Exchange Online messages only.

• User

  Depending on the service where the item was detected, this column displays name of the protected Exchange Online mailbox, name of the protected OneDrive user, or name of the user that uploaded the detected item to the protected SharePoint Online site.

• Traffic type

  Traffic type of the detected item. It can be as follows:

  • Incoming.
  • Outgoing.
  • Internal.
  • N/A (unknown).
• Scan type

  Type of the scan. It can be Real-time only.

• Storage

  Storage type. The items are stored by Kaspersky Security.

• File name

  Name of the detected file; used for OneDrive and SharePoint Online files only.

• Modified by

  Name of the user that modified the detected file; used for OneDrive and SharePoint Online files only.

• Service

  Service where the item was detected. It can be as follows:

  • Exchange Online
  • OneDrive
  • SharePoint Online

In this section Generating an instant report manually Scheduling automatic report generation

Page top