Search for an event

You can search the events list and view more detailed descriptions about events. The detailed descriptions include information such as the event ID, description, IP address, organization, user affected, date and time the event occurred, denied activities, and offline events (when users attempt to use a document when not connected to Rights Management).

You can search for events on the Events page by using a combination of event search criteria and the dates the events occurred. The events that you can search for depend on your role:

Can view audited events for their policy-protected documents and for any protected documents that they receive and use. These search options are available:
Events related to me:
Users can find events for any policy-protected document that they created or received. For example, if a user opens, views, or prints a document that another person protected, the user sees only these events for that document.

Events related to my documents:
Users can find all events that are related to their own policy-protected documents. The users see the events that are generated by every person who handled their documents.

Policy set coordinators:
Can view audited events, including document and policy events, for documents that are protected by policies from their policy sets. These options are available:
Document events where I am a policy set coordinator:
Policy set coordinators who have the view event permission can find events that are related to documents that policies from their policy sets protect.

Policy events where I am a policy set coordinator:
Policy set coordinators who have the view events permission can find events that are related to policies from their policy sets.

Can view audited events that are related to all policy-protected documents and users. Administrators can also track other types. Also, administrators can further subdivide event searches according to the type of user:
Known users:
Users are in the source directories or are registered as external users.

Anonymous users:
Unknown users who access a document that is protected with a policy that permits anonymous access.

System users:
Server-initiated events, such as a directory synchronization.
  1. On the Rights Management page, click Events.

  2. In the Find list, select the search criteria you want to use. Depending on your selection in the Find list, a second list is displayed that provides additional search criteria. If applicable, in the text box, type the search criteria.

    For more details about the specific event types, see Event auditing options.

  3. In the User list, select the user type who performed the event:

    • If you select Known User, a second search box is displayed, where you must type the user name or email address of the user.

    • If you do not know these values, click the Address book search icon to search for the user by either the user name or the email address.

  4. In the Date list, select a date range option. If you select Custom Dates, boxes appear, where you type the date in the format yyyy/mm/dd, or you can use the Date Picker to specify the date range:

    • Click the calendar to open the Date Picker.

    • Use the arrows to find a year and month.

    • Click a day of the month on the calendar.

    • Click OK to close the Date Picker.

  5. In the Display list, select the number of search results to display per page.

  6. Click Find.

    Any failed events are highlighted in the list with a denied icon.

  7. To view details about an event, click the description of the event in the list.

// Ethnio survey code removed