Change Monitoring: Create custom reports

In Cayosoft Guardian, Custom Reports can be created and sent to admins when important changes have been detected. Creating a report begins on the Change History page where the admin can add a Report Job to any saved query. A Report Job is a workflow with predefined configurable actions and an execution schedule. When Alert Job runs the query, the selected actions are performed, and the returned data matches the query settings. The actions in the Report Job workflow can create a report file to export in HTML or CSV formats and send a notification through Microsoft Teams and/or by email. Exported reports can be delivered as a link to the Guardian web portal and be displayed as an attachment to a notification message. Reports can be added to any query across connected Entra ID tenants or Active Directory forests.

This article contains instructions on how to configure a report sending via email when the Domain Admins group membership is changed.

Configure a report sending via email when the Domain Admins group membership is changed

To configure the queries:

1. In the Cayosoft Guardian web portal, navigate to Change Monitoring>Change History.
2. Click All Changes.
3. Create Domain Admins group changes Custom Query. It will track Domain Admins group membership. Learn more in: Create a custom query.

4. When the query is created, click to open it.

5. Click Add report/Edit report to get the report by email when the group membership is changed.

6. Click General to see the list of possible actions.

7. Select Send report via email:

   NOTE: To send alerts via Teams or email, you should configure communication channels. Learn more in: Configuration: Configure communication channels

   At least one export action should be enabled to generate reports.

8. Open Send report via email properties. You can select the report delivery type, add recipients, and specify the report subject and body.
9. Save changes.
10. If the Domain Admins group membership is changed, you will get the report via email:
11. Define the schedule on the respective tab.

12. To see all the generated reports, navigate to Change Monitoring>Reports.

Add Change History parameters to report output

You can include parameters from Change History records, such as User Principal Name (UPN) , in the output of a custom Change Monitoring report.
These parameters are available through the parameters property in the report definition.

To show parameters in grid columns:

1. Open the Change Monitoring page and locate your report.

2. Click Edit report.

3. In the Workflow steps, select Export to HTML and click the Edit settings icon.

4. In the Edit settings for Export to HTML dialog, scroll to the Complex properties to expand and show in grid columns field.

5. Add the following value: parameters

6. Save the report and run it.

7. The parameter values (for example, userPrincipalName) now appear as columns in the HTML report.

To show parameters in the details section:

1. Open the same report and select Export to HTML.

2. In the Edit settings for Export to HTML dialog, scroll to the Details sub-section field.

3. Add the following value: parameterss

4. Save and re-run the report.
5. The parameters (such as UPN) will now appear within each record’s expanded details view.

NOTE: The parameters object contains contextual values related to each change event- such as userPrincipalName, policyName, or other event-specific identifiers.