Eventia Reporter
Administration Guide
Version NGX R65
701679 March 2007
TM

© 2003-2007 Check Point Software Technologies Ltd.
All rights reserved. This product and related documentation are protected by copyright and distributed under licensing restricting their use, copying,
distribution, and decompilation. No part of this product or related documentation may be reproduced in any form or by any means without prior written
authorization of Check Point. While every precaution has been taken in the preparation of this book, Check Point assumes no responsibility for errors or
omissions. This publication and features described herein are subject to change without notice.
RESTRICTED RIGHTS LEGEND:
Use, duplication, or disclosure by the government is subject to restrictions as set forth in subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer
Software clause at DFARS 252.227-7013 and FAR 52.227-19.
TRADEMARKS:
©2003-2007 Check Point Software Technologies Ltd. All rights reserved. Check Point, AlertAdvisor, Application Intelligence, Check Point Express, Check Point
Express CI, the Check Point logo, ClusterXL, Confidence Indexing, ConnectControl, Connectra, Connectra Accelerator Card, Cooperative Enforcement,
Cooperative Security Alliance, CoSa, DefenseNet, Dynamic Shielding Architecture, Eventia, Eventia Analyzer, Eventia Reporter, Eventia Suite, FireWall-1,
FireWall-1 GX, FireWall-1 SecureServer, FloodGate-1, Hacker ID, Hybrid Detection Engine, IMsecure, INSPECT, INSPECT XL, Integrity, Integrity Clientless
Security, Integrity SecureClient, InterSpect, IPS-1, IQ Engine, MailSafe, NG, NGX, Open Security Extension, OPSEC, OSFirewall, Policy Lifecycle Management,
Provider-1, Safe@Home, Safe@Office, SecureClient, SecureClient Mobile, SecureKnowledge, SecurePlatform, SecurePlatform Pro, SecuRemote, SecureServer,
SecureUpdate, SecureXL, SecureXL Turbocard, Sentivist, SiteManager-1, SmartCenter, SmartCenter Express, SmartCenter Power, SmartCenter Pro,
SmartCenter UTM, SmartConsole, SmartDashboard, SmartDefense, SmartDefense Advisor, Smarter Security, SmartLSM, SmartMap, SmartPortal,
SmartUpdate, SmartView, SmartView Monitor, SmartView Reporter, SmartView Status, SmartViewTracker, SofaWare, SSL Network Extender, Stateful Clustering,
TrueVector, Turbocard, UAM, UserAuthority, User-to-Address Mapping, VPN-1, VPN-1 Accelerator Card, VPN-1 Edge, VPN-1 Express, VPN-1 Express CI, VPN-
1 Power, VPN-1 Power VSX, VPN-1 Pro, VPN-1 SecureClient, VPN-1 SecuRemote, VPN-1 SecureServer, VPN-1 UTM, VPN-1 UTM Edge, VPN-1 VSX, Web
Intelligence, ZoneAlarm, ZoneAlarm Anti-Spyware, ZoneAlarm Antivirus, ZoneAlarm Internet Security Suite, ZoneAlarm Pro, ZoneAlarm Secure Wireless Router,
Zone Labs, and the Zone Labs logo are trademarks or registered trademarks of Check Point Software Technologies Ltd. or its affiliates. ZoneAlarm is a Check
Point Software Technologies, Inc. Company. All other product names mentioned herein are trademarks or registered trademarks of their respective owners. The
products described in this document are protected by U.S. Patent No. 5,606,668, 5,835,726, 6,496,935, 6,873,988, and 6,850,943 and may be protected by
other U.S. Patents, foreign patents, or pending applications.

For third party notices, see: THIRD PARTY TRADEMARKS AND COPYRIGHTS.

Table of Contents 5
Contents
Preface
Who Should Use This Guide................................................................................ 8
Summary of Contents......................................................................................... 9
Appendices .................................................................................................. 9
Related Documentation .................................................................................... 10
More Information ............................................................................................. 13
Feedback ........................................................................................................ 14
Chapter 1 Eventia Reporter
The Need for Reports ....................................................................................... 16
Eventia Reporter Solution ................................................................................. 17
Some Basic Concepts and Terminology ......................................................... 17
Eventia Reporter — Overview ....................................................................... 18
Log Consolidation Process ........................................................................... 20
Eventia Reporter Standard Reports ............................................................... 22
Eventia Reporter Express Reports ................................................................. 22
Predefined Reports ..................................................................................... 23
Eventia Reporter Considerations........................................................................ 26
Eventia Reporter Backward Compatibility ...................................................... 26
Standalone vs. Distributed Deployment ......................................................... 27
Log Availability vs. Log Storage and Processing.............................................. 27
Log Consolidation Phase Considerations........................................................ 28
Report Generation Phase Considerations ....................................................... 30
Eventia Reporter Database Management ............................................................ 33
Chapter 2 Getting Started
Starting Eventia Reporter.................................................................................. 40
Licenses ......................................................................................................... 45

Chapter 3 How To Use Eventia Reporter
Quick Start...................................................................................................... 48
How to Generate a Report............................................................................ 48
How to Schedule a Report ........................................................................... 50
How to Customize a Report.......................................................................... 50
Viewing Report Generation Status................................................................. 51
How to Start and Stop the Log Consolidator Engine........................................ 54
How to Configure Consolidation Settings and Sessions ................................... 54
How to Export and Import Database Tables.................................................... 60
How to Configure Database Maintenance Properties ....................................... 62
Eventia Reporter Instructions............................................................................ 64
Required Security Policy Configuration ......................................................... 64
Express Reports Configuration...................................................................... 65
6
Report Output Location ............................................................................... 66
Using Accounting Information in Reports ...................................................... 67
Additional Settings for Report Generation...................................................... 67
Generating Reports using the Command Line ................................................ 68
Reports based on Log Files not part of the Log File Sequence ......................... 69
Generating the Same Report using Different Settings ..................................... 69
How to Recover the Eventia Reporter Database .............................................. 70
How to Interpret Report Results whose Direction is “Other” ............................ 70
How to View Report Results without the Eventia Reporter Client...................... 70
How to Upload Reports to a Web Server ........................................................ 71
How to Upload Reports to an FTP Server....................................................... 73
How to Distribute Reports with a Custom Report Distribution Script................. 73
How to Improve Performance ....................................................................... 74
How to Dynamically Update Reports ............................................................. 77
How Can I Create a Report in a Single File .................................................... 78
Consolidation Policy Configuration..................................................................... 79

Chapter 4 Troubleshooting
Common Scenarios .......................................................................................... 84
Appendix A Out of the Box Consolidation Policy
Overview ......................................................................................................... 94
Out of the Box Consolidation Rules.................................................................... 95
Appendix B Predefined Reports
Cross Products Security Reports........................................................................ 98
Security Reports .............................................................................................. 99
Firewall Security Reports ................................................................................ 101
Endpoint Security Reports .............................................................................. 102
Cross Products Network Activity Reports .......................................................... 104
Network Activity Reports ................................................................................ 105
Firewall Network Activity Reports .................................................................... 106
VPN Reports ................................................................................................. 108
Connectra Reports ......................................................................................... 110
System Information Reports............................................................................ 111
InterSpect Reports......................................................................................... 112
Anti Virus Reports.......................................................................................... 113
Firewall-1 GX Reports .................................................................................... 114
Analyzer Reports............................................................................................ 115
My Reports ................................................................................................... 116
Index..........................................................................................................
123
7
Preface
P
Preface
In This Chapter
Who Should Use This Guide page 8
Summary of Contents page 9

Related Documentation page 10
More Information page 13
Feedback page 14
Who Should Use This Guide
8
Who Should Use This Guide
This guide is intended for administrators responsible for maintaining network
security within an enterprise, including policy management and user support.
This guide assumes a basic understanding of
• System administration.
• The underlying operating system.
• Internet protocols (IP, TCP, UDP etc.).
Summary of Contents
Preface 9
Summary of Contents
This guide describes the Eventia Reporter solution for monitoring and auditing
traffic. With the features presented in this guide you will learn how to generate
detailed or summarized reports in the format of your choice (list, vertical bar, pie
chart etc.) for all events logged by Check Point VPN-1 Power, SecureClient and
SmartDefense:
Appendices
This guide contains the following appendices
:
Chapter Description
Chapter 1, “Eventia
Reporter”
provides an overview of Eventia Reporter with an
in-depth explanation about Log Consolidation
reports and the difference between Standard and
Express reports.

Chapter 2, “Getting Started” presents the prerequisites (processes and tools)
necessary to begin working with Eventia Reporter
(for example, Licenses, etc.).
Chapter 3, “How To Use
Eventia Reporter”
provides a step-by-step guide that covers the
basic Eventia Reporter operations, information
on advanced or specific configuration scenarios
and information about the Out of the Box
Consolidation Policy.
Chapter 4, “Troubleshooting” presents frequently asked questions and their
solutions.
Appendix Description
Appendix A, “Out of the Box
Consolidation Policy”
provides the 13 predefined, Out of the Box
Consolidation Policy Rules.
Appendix B, “Predefined
Reports”
This appendix describes the predefined reports
available under each subject and specifies the
report ID required for command line generations.
Related Documentation
10
Related Documentation
The NGX R65 release includes the following documentation:
TABLE P-1 VPN-1 Power documentation suite documentation
Title Description
Internet Security Product
Suite Getting Started

Guide
Contains an overview of NGX R65 and step by step
product installation and upgrade procedures. This
document also provides information about What’s
New, Licenses, Minimum hardware and software
requirements, etc.
Upgrade Guide Explains all available upgrade paths for Check Point
products from VPN-1/FireWall-1 NG forward. This
guide is specifically geared towards upgrading to
NGX R65.
SmartCenter
Administration Guide
Explains SmartCenter Management solutions. This
guide provides solutions for control over
configuring, managing, and monitoring security
deployments at the perimeter, inside the network, at
all user endpoints.
Firewall and
SmartDefense
Administration Guide
Describes how to control and secure network
access; establish network connectivity; use
SmartDefense to protect against network and
application level attacks; use Web Intelligence to
protect web servers and applications; the integrated
web security capabilities; use Content Vectoring
Protocol (CVP) applications for anti-virus protection,
and URL Filtering (UFP) applications for limiting
access to web sites; secure VoIP traffic.
Virtual Private Networks

Administration Guide
This guide describes the basic components of a
VPN and provides the background for the
technology that comprises the VPN infrastructure.
Related Documentation
Preface 11
Eventia Reporter
Administration Guide
Explains how to monitor and audit traffic, and
generate detailed or summarized reports in the
format of your choice (list, vertical bar, pie chart
etc.) for all events logged by Check Point VPN-1
Power, SecureClient and SmartDefense.
SecurePlatform™/
SecurePlatform Pro
Administration Guide
Explains how to install and configure
SecurePlatform. This guide will also teach you how
to manage your SecurePlatform machine and
explains Dynamic Routing (Unicast and Multicast)
protocols.
Provider-1/SiteManager-1
Administration Guide
Explains the Provider-1/SiteManager-1 security
management solution. This guide provides details
about a three-tier, multi-policy management
architecture and a host of Network Operating Center
oriented features that automate time-consuming
repetitive tasks common in Network Operating
Center environments.


TABLE P-2 Integrity Server documentation
Title Description
Integrity Advanced
Server Installation
Guide
Explains how to install, configure, and maintain the
Integrity Advanced Server.
Integrity Advanced
Server Administrator
Console Reference
Provides screen-by-screen descriptions of user
interface elements, with cross-references to relevant
chapters of the Administrator Guide. This document
contains an overview of Administrator Console
navigation, including use of the help system.
Integrity Advanced
Server Administrator
Guide
Explains how to managing administrators and
endpoint security with Integrity Advanced Server.
Integrity Advanced
Server Gateway
Integration Guide
Provides information about how to integrating your
Virtual Private Network gateway device with Integrity
Advanced Server. This guide also contains information
regarding deploying the unified SecureClient/Integrity
client package.
TABLE P-1 VPN-1 Power documentation suite documentation (continued)

Title Description
Related Documentation
12
Integrity Advanced
Server System
Requirements
Provides information about client and server
requirements.
Integrity Agent for Linux
Installation and
Configuration Guide
Explains how to install and configure Integrity Agent
for Linux.
Integrity XML Policy
Reference Guide
Provides the contents of Integrity client XML policy
files.
Integrity Client
Management Guide
Explains how to use of command line parameters to
control Integrity client installer behavior and
post-installation behavior.
TABLE P-2 Integrity Server documentation (continued)
Title Description
More Information
Preface 13
More Information
• For additional technical information about Check Point products, consult Check
Point’s SecureKnowledge at />• See the latest version of this document in the User Center at
/>Feedback

14
Feedback
Check Point is engaged in a continuous effort to improve its documentation. Please
help us by sending your comments to:

15
Chapter
1
Eventia Reporter
In This Chapter
The Need for Reports page 16
Eventia Reporter Solution page 17
Eventia Reporter Considerations page 26
Eventia Reporter Database Management page 33
The Need for Reports
16
The Need for Reports
To manage your network effectively and to make informed decisions, you need to
gather information on the network’s traffic patterns. There is a wide range of issues
you may need to address, depending on your organization’s specific needs:
• As a Check Point customer, you may wish to check if your expectations of the
products are indeed met.
• From a security point of view, you may be looking for suspicious activities,
illegal services, blocked connections or events that generated alerts.
• As a system administrator, you may wish to sort the Security Policy based on
how often each Rule is matched, and delete obsolete Rules that are never
matched.
• You may be looking for general network activity information, for purposes such
as capacity planning.
• From the corporate identity and values perspective, you may want to ensure

your employees’ surfing (such as the web sites they access) comply with your
company’s policy.
• From a sales and marketing point of view, you may wish to identify the most
and the least visited pages on your website or your most and least active
customers.
To address these issues, you need an efficient tool for gathering the relevant
information and displaying it in a clear and accurate format.
Eventia Reporter Solution
Chapter 1 Eventia Reporter 17
Eventia Reporter Solution
In This Section
Some Basic Concepts and Terminology
• Automatic Maintenance - the process of automatically deleting and/or archiving
older database records into a backup file.
• Consolidation - the process of reading logs, combining instances with the same
key information to compress data and writing it to the database.
• Consolidation Policy - the rules to determine which logs the consolidator will
accept and how to consolidate them. We recommend that you use the
out-of-the-box policy without change.
• Consolidation Session - an instance of the consolidation process. There can be
one active session for every log server.
• Express Reports - reports based on the SmartView Monitor counters and
SmartView Monitor History files. These reports are not as flexible as standard
reports but are generated quickly.
• Log Sequence - the series of log files as specified by
fw.logtrack
. When a log
switch is performed, the log file is recorded in the sequence of files. The log
consolidator can follow this sequence.
• Report - a high-level view of combined log information that provides meaning to

users. Reports are comprised of sections.
• Standard Reports - reports based on consolidated logs.
• $RTDIR - the installation directory of the Eventia Reporter.
Some Basic Concepts and Terminology page 17
Eventia Reporter — Overview page 18
Log Consolidation Process page 20
Eventia Reporter Standard Reports page 22
Predefined Reports page 23
Eventia Reporter Solution
18
Eventia Reporter — Overview
Check Point Eventia Reporter delivers a user-friendly solution for monitoring and
auditing traffic. You can generate detailed or summarized reports in the format of
your choice (list, vertical bar, pie chart etc.) for all events logged by Check Point
VPN-1 Power, SecureClient and SmartDefense.
Eventia Reporter implements a Consolidation Policy, which goes over your original,
“raw” log file. It compresses similar events and writes the compressed list of events
into a relational database (the Eventia Reporter Database). This database enables
quick and efficient generation of a wide range of reports. The Eventia Reporter
solution provides a balance between keeping the smallest report database possible
and retaining the most vital information with the most flexibility.
A Consolidation Policy is similar to a Security Policy in terms of its structure and
management. For example, both Rule Bases are defined through the
SmartDashboard’s Rules menu and use the same network objects. In addition, just
as Security Rules determine whether to allow or deny the connections that match
them, Consolidation Rules determine whether to store or ignore the logs that match
them. The key difference is that a Consolidation Policy is based on logs, as
opposed to connections, and has no bearing on security issues.
Figure 1-1 illustrates the Consolidation process, defined by the Consolidation
Policy. After the VPN-1 Power Modules send their logs to the SmartCenter Server,

the Log Consolidator Engine collects them, scans them, filters out fields defined as
irrelevant, merges records defined as similar and saves them to the Eventia
Reporter Database.
Figure 1-1
Log Consolidation Process
The Eventia Reporter Server can then extract the consolidated records matching a
specific report definition from the Eventia Reporter Database and present them in
a report layout (Figure 1-2):
Eventia Reporter Solution
Chapter 1 Eventia Reporter 19
Figure 1-2
Report Generation Process
Two types of reports can be created: Standard Reports and Express Reports. The
Standard Reports are generated from information in log files through the
Consolidation process to yield relevant analysis of activity. Express Reports are
generated from SmartView Monitor History files and are produced much more
quickly.
Eventia Reporter Standard Reports are supported by two Clients:
• SmartDashboard Log Consolidator — manages the Log Consolidation rules.
• Eventia Reporter Client — generates and manages reports.
Figure 1-3 illustrates the Eventia Reporter architecture for Standard Reports:
Figure 1-3
Eventia Reporter Standard Report Architecture
Eventia Reporter Solution
20
The interaction between the Eventia Reporter Client and Server components applies
both to a distributed installation (as shown in Figure 1-3), where the SmartCenter
Server and Eventia Reporter’s Server components are installed on two different
machines, and to a standalone installation, in which these products are installed on
the same machine.

DBsync
DBsync enables Eventia Reporter to synchronize data stored in different parts of
the network. In distributed information systems DBSync provides one-way
synchronization of data between the SmartCenter Servers object database and the
Eventia Reporter machine, and supports configuration and administration of
distributed systems.
With DBsync, initial synchronization is established between the Eventia Reporter
machine and the Management machine (for example, SmartCenter Server or MDS).
If the initial sychronization is not complete the administrator will receive a warning
informing him that the GUI will open in read-only mode. Once initial
synchronization is complete Eventia Reporter will open in Read/Write mode.
As a result of DBsync, whenever an object is saved (that is, a new object is created
or an existing object is changed) on a Management machine the object is
automatically synchronized in the Eventia Machine.
Synchronization can take time up to 30 minutes, although this is usually the time
needed for a very large database.
Log Consolidation Process
It is recommended to use the SmartView Log Consolidator’s predefined
Consolidation Policy (the Out of the Box Policy), designed to filter out irrelevant
logs and store the most commonly requested ones (such as blocked connection,
alert or web activity logs). The Log Consolidator Engine scans the Consolidation
Rules sequentially and processes each log according to the first Rule it matches.
Figure 1-4 illustrates how the Consolidation Policy processes logs: when a log
matches a Consolidation Rule, it is either ignored or stored. If it is ignored, no
record of this log is saved in the Eventia Reporter system, so its data is not
Note -
When working in Provider-1 mode you must select a customer(s) that will initiate a
synchronization with the CMA of the selected customer (
Tools > Customer Activation
).

Eventia Reporter Solution
Chapter 1 Eventia Reporter 21
available for report generation. If it is stored, it is either saved as is (so all log
fields can later be represented in reports), or consolidated to the level specified by
the Rule.
Figure 1-4
Log Process Chart
The Consolidation is performed on two levels: the interval at which the log was
created and the log fields whose original values should be retained. When several
logs matching a specific Rule are recorded within a predefined interval, the values
of their relevant fields are saved “as is”, while the values of their irrelevant fields
are merged (for example, “consolidated”) together.
How to interpret Computer names in DHCP enabled
networks
In DHCP address mapping is used. Assuming the DNS knows how to resolve
dynamic addresses, the information you see in the report reflects the correct
resolving results for the time the reported log events have been processed by the
SmartDashboard Log Consolidator and inserted into the database.
Because of the dynamic nature of DHCP address distribution, there is no guarantee
that consolidation of old log files will produce correct address name resolving.
When DHCP is in use, consolidating log files close to the time of their creation will
improve address-resolving accuracy.
Eventia Reporter Solution
22
Eventia Reporter Standard Reports
The Log Consolidation process results in a database of the most useful, relevant
records, known as the Eventia Reporter Database. The information is consolidated
to an optimal level, balancing the need for data availability with the need for fast
and efficient report generation.
Reports are generated based on a single database table, specified in the Reports

view > Standard Reports > Input tab. By default, all consolidated records are saved
to the
CONNECTIONS
table and all reports use it as their data source. However, each
time you create a new consolidation session, you have the option of storing records
in a different table.
Dividing the consolidated records between different tables allows you to set the
Eventia Reporter Client to use the table most relevant to your query, thereby
improving the Eventia Reporter Server’s performance. In addition, dividing records
between tables facilitates managing the Eventia Reporter Database: you can delete
outdated tables, export tables you are not currently using to a location outside of
the Eventia Reporter Database and import them back when you need them.
Eventia Reporter Express Reports
Express Reports are based on data collected by Check Point system counters and
SmartView Monitor History files. Standard Reports, in contrast, are based on Log
Consolidator logs. Because Express Reports present historical data, they cannot be
filtered, but they can be generated at a faster rate.
Express Reports are supported by one Client, the Eventia Reporter. To configure
your system to generate Express Reports, see “Express Reports Configuration” on
page 65.
Figure 1-5 illustrates the Eventia Reporter architecture for Express Network
Reports:
Eventia Reporter Solution
Chapter 1 Eventia Reporter 23
Figure 1-5
Eventia Reporter Express Report Architecture
Predefined Reports
The Eventia Reporter Client offers a wide selection of predefined reports for both
Standard and Express reporting, designed to cover the most common network
queries from a variety of perspectives.

Report Subjects
The reports are grouped by the following subjects, allowing you to easily locate the
one you need:
• Cross Products Security (Standard) — this subject includes reports that allow
you to analyze traffic associated with security attacks, blocked connections,
login activity and login failures.
• Firewall Security (Standard) — this subject contains predefined reports that
allow you to view data about connections blocked by VPN-1 Power and alerts
issued by the VPN-1 Power gateway. With these reports you can inspect
connections whose origin or destination is the VPN-1 Power gateway, analyze
rules for a specific gateway and review data regarding the number of policy
install and uninstall procedures.
• Security (Express) — this subject includes reports that allow you to focus on the
FireWall-1 activity and the SmartDefense attacks it detected.
• Endpoint Security (Standard) — this subject contains predefined reports about
trends in Endpoint security, which endpoints and users are out of compliance
with security policies and what firewall events occurred on endpoint computers.
In addition, this subject offers reports about programs used to violate corporate
policy and identifies the use of attachments that could be malicious or may
violate policy.
Eventia Reporter Solution
24
• Cross Products Network Activity (Standard) — this subject includes reports that
present data about all accepted traffic events as well as web traffic through
Firewall and Connectra. With these reports you can also view a list of all
approved events.
• Firewall Network Activity (Standard) — this subject provides data about network
traffic, web traffic, FTP traffic, SMTP traffic, POP3/IMAP traffic handled by the
VPN-1 Power gateway. In addition, these reports present the user's activity as it
was logged by the gateway and include accounting information. These reports

are based on Firewall connections.
• Network Activity (Express) — this subject includes reports that enable you to
analyze the most popular activities in your network. It gives the most used
source, destination, service and rules. It also gives more details about the
common services (ftp, http, https, smtp, telnet, pop3).
• VPN (Standard, Express) — this subject includes reports that allow you to
analyze various aspects of your encrypted traffic, such as its distribution over
time, the top services or sources, etc. You can examine your VPN-1 Power
activity as a whole, or focus on a specific VPN Tunnel or VPN Community. In
addition, these reports include SecureClient user activity.
• Firewall-1 GX (Standard) — contains predefined reports that allow you to
analyze various aspects of the Firewall-1 GX product.
• System Information (Express) — this subject includes reports that allow you to
analyze various aspects of system load and operational activity, including CPU
usage, kernel usage, and memory usage.
• Connectra (Standard) — this subject contains reports about file share activity
through Connectra and general data about Connectra events.
• InterSpect (Standard, Express) — this subject provides reports about the
network activity handled by InterSpect. With this subject you can also view the
list of dynamic rules added to the system as well as having a summary report of
the quarantined machines.
• Anti Virus (Standard) — this subject provides reports about detected viruses and
scanned file types.
• My Reports (Standard, Express) — select predefined reports and customize to
your needs.
For descriptions of each predefined report available, see “Predefined Reports” on
page 97”.
Eventia Reporter Solution
Chapter 1 Eventia Reporter 25
Report Structure

Each report consists of a collection of sub-topics known as sections, which cover
various aspects of the report. For example, the User Activity report consists of
sections such as User Activity by Date, Top Users and Top Services for User Related
Traffic.
Customizing Predefined Reports
You can easily customize the report that is closest to your needs (by changing its
date range, filters etc.) to provide the desired information. Changing the filters of a
predefined report constitutes a change in the nature of the report and the report
must therefore by saved in a different location or under a different name. You can
save the customized report under a different name in the report subject dedicated
to user-defined reports, My Reports.