Reports

Keyfactor Command uses the Logi Analytics Platform to provide a number of built-in reports based on certificate data in the Keyfactor Command database. These reports are available for viewing through the Management Portal, if you configured that option during the installation and configuration process (see Dashboard and Reports Tab in the Keyfactor Command Server Installation Guide). The reports can also be configured to save to a network path or deliver via email periodically, if desired.

As of Keyfactor Command version 10, Logi has been upgraded to v14 SP2 and a new Logi license is included in the application.

Note:  Any CAs that have not been configured for synchronization will not appear as an option for reports which require selecting a CAClosed A certificate authority (CA) is an entity that issues digital certificates. Within Keyfactor Command, a CA may be a Microsoft CA or a Keyfactor gateway to a cloud-based or remote CA..
Tip:  If you Save a new certificate collectionClosed The certificate search function allows you to query the Keyfactor Command database for certificates from any available source based on any criteria of the certificates and save the results as a collection that will be availble in other places in the Management Portal (e.g. expiration alerts and certain reports)., or Save a change to an existing certificate collection, that change will be immediately reflected in the collection data used to display certificate collections on dashboards and reports. The data used by the dashboards and reports is stored in an intermediate table that is updated immediately. It will also continue to be updated periodically (approximately every 20 minutes by default as configured by the Dashboard Collection Caching Interval application setting) by the Keyfactor Command Service (see Application Settings: Console Tab).

Once a report has been generated, you may be able to export it to either PDF, Excel, or CSV. The export file types available for each standard report are shown in Table 7: Chart of Available Exports per Standard Report.

Table 7: Chart of Available Exports per Standard Report

PDF and Excel Excel and CSV PDF, Excel and CSV
Certificate Count by TemplateClosed A certificate template defines the policies and rules that a CA uses when a request for a certificate is received. Certificates Found at TLSClosed TLS (Transport Layer Security) and its predecessor SSL (Secure Sockets Layer) are protocols for establishing authenticated and encrypted links between networked computers./SSLClosed TLS (Transport Layer Security) and its predecessor SSL (Secure Sockets Layer) are protocols for establishing authenticated and encrypted links between networked computers. Endpoints Certificate Count Grouped by Single MetadataClosed Metadata provides information about a piece of data. It is used to summarize basic information about data, which can make working with the data easier. In the context of Keyfactor Command, the certificate metadata feature allows you to create custom metadata fields that allow you to tag certificates with tracking information about certificates. Fields
Certificate Count by User per Template Certificates in Collection  
Certificate by Key Strength Expiration Report by Days  
Certificates by Revoker Full Certificate Extract  
Certificates by Type and Java Keystores Revoked Certificates in Certificate Stores  
Certificate Issuance Trends with Metadata SSHClosed The SSH (secure shell) protocol provides for secure connections between computers. It provides several options for authentication, including public key, and protects the communications with strong encryption. Keys with Root Logon Access  
Expiration Report SSH Trusted Public Keys with No Known Private KeyClosed Private keys are used in cryptography (symmetric and asymmetric) to encrypt or sign content. In asymmetric cryptography, they are used together in a key pair with a public key. The private or secret key is retained by the key's creator, making it highly secure.  
Issued Certificates Per Certificate AuthorityClosed A certificate authority (CA) is an entity that issues digital certificates. Within Keyfactor Command, a CA may be a Microsoft CA or a Keyfactor gateway to a cloud-based or remote CA. SSH Key Usage Report  
Monthly Executive Report    
PKIClosed A public key infrastructure (PKI) is a set of roles, policies, and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption. Status for Collection    
Statistical Report    
SSH Keys by Age    

Most reports now have drill-down capability. Clicking on a chart or graph segment in a report will open the corresponding query grid in a new browser window or tab populated with the query as defined by the selected graph segment. For example, for the Certificates by Key Strength report, clicking on a bar or pie will take you to the Certificate Search page pre-populated with the query that corresponds to that bar or pie.

Figure 55: Report Drill Down: Certificates by Key Strength Report

Figure 56: Report Drill Down: Certificate Search Results

The following reports are available as part of the standard Keyfactor Command installation. Those marked with a (*) have been configured to Show in Navigator by default, so they appear on the Management Portal top menu under Reports. The Report Manager page shows all the available reports.

  • Certificate Count by Template
  • Certificate Count by User per Template
  • Certificate Count Grouped by Single Metadata Field
  • Certificate Issuance Trends with Metadata
  • Certificates by Key Strength
  • Certificates by Revoker
  • Certificates by Type and Java Keystores
  • Certificates Found at TLS/SSL Endpoints
  • Certificates in Collection (*)
  • Expiration Report (*)
  • Expiration Report by days (*)
  • Full Certificate Extract (*)
  • Issued Certificates per Certificate Authority
  • Monthly Executive Report
  • PKI Status for Collection (*)
  • Revoked Certificates in Certificate Stores
  • SSH Key Usage Report
  • SSH Keys by Age
  • SSH Keys with Root Logon Access
  • SSH Trusted Public Keys with No Known Private Keys
  • Statistical Report (*)