User Details | Trend Micro Service Central

Views:

The User/Endpoint Directory screen displays User information for a specified time range.

Use the drop-down controls below the Endpoints or Users tab to specify the time period for the data that displays or to switch between Tabular view and Timeline view.
Click Export to export the data as a *.csv file or *.png image.

Note:
Tabular view only supports exporting data as a *.csv file. Timeline view can export data as a *.csv file or a *.png image. The exported *.png timeline image only displays information for a maximum of 30 users or endpoints.

The following table describes the User information that displays on the User/Endpoint Directory screen in Tabular view.

Table 1. User Details in Tabular View
Column	Description
	If the endpoint or user is assigned an importance tag, Apex Central displays a yellow star icon () to indicate importance. For more information, see User or Endpoint Importance.
User	Apex Central identifies and associates users with endpoints based on the type of endpoint or through integration with Active Directory. Server and desktop platforms: Apex Central associates the last logged on user with the endpoint Mobile devices: If Active Directory synchronization is available, Apex Central resolves the registered email address for the mobile device with the associated Active Directory account If Active Directory synchronization is not available, Apex Central displays the registered email address for the mobile device Click a user name to view contact details. For more information, see Contact Information. Note: The Users > All node lists all local users from various endpoints regardless of their duplicate status. Duplicate users having the same names can occur. Apex Central consolidates all endpoints from managed products that have multiple local users.
Domain	If Active Directory synchronization is available, this Apex Central displays the domain name that the user is a member of. If Active Directory synchronization is not available, this Apex Central displays the endpoint/host name that the user was the last person to log on to.
Manager	If Active Directory synchronization is available, Apex Central displays the manager of the user Click a name in the manager column to view the manager's contact details. For more information, see Contact Information.
Endpoints	The number of endpoints currently associated with the user, based on the last log on information from the endpoints Click the count to view the related endpoint information in the table. For more information, see Endpoint Details.
Policies	The number of policies currently associated with the user, based on the last log on information from the endpoints Click the Policies count to view the related policy information for the user. For more information, see Policy Status.
Threats	The total number of security threats that occurred on endpoints associated with the user Click the Threats count to view the related threat information for the user. For more information, see Security Threats for Users. For example, if Henry was the last user logged on to endpoint "us-mkt-dev1", and that endpoint reported 10 virus/malware detections and 2 web violations, Henry's Threats count displays as 12. Note: If the network environment is not using Active Directory, the following detections/violations for gateway products do not display: email content violation, phishing email, and spam. Security threats detected by endpoint products (for example, Apex One) are associated with the last logged-on user of the endpoint. Security threats detected by gateway products (for example, IWSVA) are associated with the user who triggered the detection.

The following table describes the User information that displays on the User/Endpoint Directory screen in Timeline view.

Table 2. User Details in Timeline View
Column	Description
User	Apex Central identifies and associates users with endpoints based on the type of endpoint or through integration with Active Directory.
Threats	The total number of security threats that occurred on endpoints associated with the user Click the Threats count to view the related threat information for the user. For more information, see Security Threats for Users.
<Timeline>	The timeline indicates when the security threats occurred for each user. Hover over a red warning dot () to view the number of critical threats and the total number of all security threat detections for a user on a specific date. Hover over a solid red dot () to view the number of non-critical threat detections for a user on a specific date. Click a red dot to view the related threat information for a specific date. For more information, see Security Threats for Users.