Hi,
Our DLP setup mainly consists of two roles that we're currently using, System Admins who set everything up and do the backend management of the Enforce server, and Investigators who review incidents and mark them appropriately.
I've been asked if we can set up a weekly or daily report that shows all endpoint agents with a status of Critical or Warning, so our Investigators can check these machines and make sure they're still online and have a functioning DLP agent.
Only SysAdmins currently have access to the System tab, so only we can check the status of agents. Investigators don't have access to this, and the only way I can find to give them this is to grant the role the user privileges for Agent Management, however this also gives them the ability to delete agents, change their detection servers and agent group, plus shutdown/restart the agent. This is a bit more control than we'd like to give these users.
I've managed to create a shared report which does this, and I'd like to have this run weekly and email to a distribution list. However I can't seem to find any way to schedule this, the Schedule button is grayed out, so I can only Edit or Delete the report.
My only options at the moment seem to be to manually run the report and export it myself, or delegate Agent Management priveleges. Does anyone know a way I can resolve this?
Cheers