Investigating credential events - Security Center 5.6

Security Center User Guide 5.6

series
Security Center 5.6
revised_modified
2019-10-09

You can investigate events related to credentials (Access denied: Expired credential, Access denied: Inactive credential, Access denied: Stolen credential, and so on), using the Credential activities report.

What you should know

In the Credential activities, you can investigate areas a cardholder accessed by selecting the credential, and the time range. You also can search by critical credential events. For example, if an Access denied: Stolen credential event occurred, you can see who tried to use the stolen credential by reviewing the video associated with the event.

Procedure

  1. From the home page, open the Credential activities task.
  2. Set up the query filters for your report. Choose one or more of the following filters:
    Credentials
    Restrict the search to specific credentials.
    Custom fields
    Restrict the search to a pre-defined custom field for the entity. This filter only appears if custom fields are defined for the entity, and if the custom field was made visible to you when it was created or last configured.
    Doors - Areas - Elevators
    Restrict the search to activities that took place at certain doors, areas, and elevators.
    Events
    Select the events of interest. The event types available depend on the task you are using.
    Event timestamp
    Define the time range for the query. The range can be defined for a specific period of time or for global units of time such as the previous week or the previous month.
  3. Click Generate report.

    The credential events are listed in the report pane.

  4. To show the corresponding video of an event in a tile, double-click or drag the item from the report pane to the canvas.
    If there is no camera attached to the entity, the door, elevator, or area icon is displayed, depending on the type of credential event.
  5. To control the tiles, use the widgets in the dashboard.