How to Use Reporting
You can use our Reporting feature to view actionable metrics and insights into the effectiveness of your security awareness training. From the Reports tab of your KnowBe4 console, you can create and customize reports to meet your organization's needs. These reports will help you understand where you need to improve your security awareness program to strengthen your human firewall.
You can filter each report by specific criteria and download your reports as PDF files or CSV files.
Click the links below to learn about creating reports, the different report categories and types, and frequently asked questions. If you prefer video tutorials, you can also watch our Reporting video.
Jump to:
Creating Reports
Report Categories and Types
Frequently Asked Questions (FAQs)
Creating Reports
On the Reports tab, you can view reports and customize these reports to fit your organization’s needs. To view a report, follow the steps below:
- From your KnowBe4 console, navigate to the Reports tab.
- Find the type of report you would like to view. You can scroll through the list or enter a keyword into the search bar.
- Once you find the report you’d like to view, click on the report.
- When the report opens, you have the option to filter the report data by defining the report type and criteria from the drop-down menus. To learn more about the available report types and criteria, see the Report Categories and Types section below.
- Click Submit to update the report.
If you would like to download the report, you can scroll down to the bottom of the page and click on one of the two download options. You can click either Download Report to download the report as a PDF file or Generate CSV to download the report as a CSV file.
Report Categories and Types
We offer several different report categories, report types, and filters to help you customize your reports. To learn more about our available categories, types, and filters, and suggested use cases, click on a report category or specific report from the list below.
Note: The IP addresses that appear in your reports are the IP addresses where your users last logged in from.
Risk Score Reports
Our available Risk Score Reports are listed below. For more information about how Risk Scores are calculated, see our Risk Score Guide.
Risk Score by Group
Description: This report displays the average Risk Score of the selected users.
Filters: User Groups and Date Range.
Use Case: You can use this report to determine your most at-risk users or groups so you can adjust or modify their security awareness training.
Risk Score by Location
Description: This report displays the average Risk Score of the selected users by location.
Filters: Locations and Date Range.
Use Case: You can use this report to identify risk patterns by location and learn which locations may need adjustments to their security awareness training. This information may also help you determine if your organization needs more localized training content.
Risk Score by Riskiest User
Description: This report displays the 10 users with the highest Risk Score in the selected accounts or groups.
Filters: User Groups and Date Range.
Use Case: You can use this report to determine your most at-risk users so that you know which users may need their security awareness training adjusted.
Group and User Report Cards
Group Report Cards
Description: This report displays a summary of the following reports: Group Risk Score, Group Phish-prone Percentage, Group User Count, Top 5 Clicked Templates, and Training Status.
Filters: Group and Date Range.
Use Case:You can use this information as an executive summary to show overall organization risk and the status of your security awareness training.
Note: Group Report Cards can only be downloaded as PDF files.
User Report Cards
Description: This report displays a summary of the following reports for a specific user: User Risk Score, User Phish-prone Percentage, Top 5 Clicked Emails, and Training Status.
Filters: User and Date Range.
Use Case: You can use this information as part of an employee's performance review to determine the employee's level of risk to the organization and their security awareness training progress.
Note: User Report Cards can only be downloaded as PDF files.
Phishing Activity
Description: This report displays your organization's phishing activity by PST.
Filters: Report Type, Phishing Campaigns, User Groups, Date Range, Phishing Security Test Outcome, User Status, Exclude User Groups, and Template Attack Vectors
Use Case: You can use this report to view comprehensive data about your users' overall PST results.
To learn more about the phishing activity report, see our How to Customize and View Phishing Activity Reports article.
Phish-prone Percentage Reports
Our available Phish-prone Percentage Reports are listed below. For more information about how Phish-prone Percentages are calculated, see our How Is Phish-prone Percentage Calculated? article.
Phish-prone Percentage by Group
Description: This report shows the average Phish-prone Percentage for the selected users.
Filters: User Groups and Date Range.
Use Case: You can use this report to see how vulnerable a specific group is to phishing attacks. This information can help you determine if a specific group needs more training time and if their Phish-prone Percentage has improved over time.
Phish-prone Percentage by Training Time
Description: This report compares the time your users have spent reviewing training content to the average Phish-prone Percentage for the selected accounts or groups.
Filters: User Groups and Date Range.
Use Case: You can use this report to see how time spent in security awareness training affects Phish-prone Percentage for the selected accounts or groups. You can then use this information to determine if you need to make adjustments to your security awareness training plan.
Campaign Phish-prone Percentage
Description: This report displays the average Phish-prone Percentage for specific campaigns.
Filters: Campaigns, User Groups, and Date Range. You can also select the Combine Results check box to see the average Phish-prone Percentage across multiple campaigns or groups. The report will display the Phish-prone Percentage over time for the combined results. If you only select one campaign, the report will show as a pie graph.
Use Case: You can use this report to identify which phishing campaign or campaigns caused the most phishing test failures. This information can help you identify what type of training your users need or the type of attack method your users are most vulnerable to.
Initial Phish-prone Percentage
Description: This report displays the average Phish-prone Percentage for your users' first phishing tests.
Filters: Date Range.
Use Case: You can use this information as a baseline to see how likely your users are to fail a phishing attack before you enroll your users in security awareness training.
Failure Types Report
Description: This report displays the number of failure types by campaign for the selected users.
Filters: Specific Campaigns, User Groups, and Date Range.
Use Case: You can use this report to identify the ways your users failed the selected campaigns. This information can help you see which attack vectors your users are most susceptible to.
Phish-failure Percentage Reports
Our available Phish-failure Percentage Reports are listed below. For more information about how Phish-failure Percentage is calculated, see our How Is Phish-failure Percentage Calculated? article.
Overall Phish-failure Percentage
Description: This report displays the average Phish-failure Percentage for the selected users.
Available Filters: User Groups and Date Range.
Use Case: You can use this report to see how likely a specific group is to fail a phishing attack. This information can help you determine if your users need more training time or if their Phish-failure Percentage has improved over time.
Campaign Phish-failure Percentage
Description: This report displays the average Phish-failure Percentage by selected campaigns for the selected users.
Filters: Campaigns, User Groups, and Date Range. You can also select the Combine Results check box to see the average Phish-failure Percentage across multiple campaigns or groups. The report will display the Phish-failure Percentage over time for the combined results.
Use Case: You can use this report to identify which phishing campaign or campaigns caused the most users to fail. This information can help you identify which of your users need additional training or which campaign caused the most phishing failures.
Email Templates Sent Reports
Emails Sent by Template
Description: This report displays statistics for the selected email templates. If you have not used the selected templates, you will not see results.
Available Filters: Email Template and Date Range.
Use Case: You can use this report to keep track of the email templates that you have used and to determine which templates cause the most failures among your users. For example, if your users have very few failures but you have only sent templates with one-star difficulty ratings, you may want to send templates with higher difficulty ratings.
Emails Sent by Group
Description: This report displays email statistics for the selected groups.
Available Filters: User Groups and Date Range.
Use Case: You can use this report to keep track of how many email templates a specific group has received and the overall effectiveness of your phishing campaigns. This information may help you identify how often a specific group is enrolled in phishing campaigns.
Failures by Phishing Template Report
Description: This report shows you the percentage of users who failed the phishing test with a specific failure type for the selected campaigns. This report is organized by phishing templates within the selected campaigns. The graph shows the number of failures by failure type.
Filters: Phishing Campaigns and Date Range.
Use Case: You can use this report to see the type of failures your users are most likely to make. This information can help you determine the types of attack vectors that your users are most vulnerable to so that you can create more targeted phishing and training campaigns.
Training Activity
Description: This report displays your organization's training activity by training enrollment.
Filters: Report Type, Training Campaigns, User Groups, Date Range, Content Types, Training Status, and User Status
Use Case: You can use this report to view comprehensive data about your users' overall training activity.
To learn more about the training activity report, see our How to Customize and View Training Activity Reports article.
Training Content Survey
Description: This report displays your organization's training survey results by campaign or content.
Filters: Report Type, Training Campaigns, Courses, Date Range
Use Case: You can use this report to determine what training content is most effective for your users. This information can help you select training content for your campaigns.
Training Status Overview Reports
Training Status Overview by Campaign
Description: This report displays the training status of the users in the selected campaigns.
Filters: Training Campaigns and Date Range.
Use Case: You can use this report to keep your users on track with their training. This information can help you determine when to send training notifications or reminders to your users.
Training Status Overview by Course
Description: This report shows you the training status of your users for the selected campaigns organized by the courses assigned to those campaigns. It displays the total number of users for each course.
Filters: Training Campaigns and Date Range.
Use Case: You can use this report to keep your users on track with their training courses. This information can help you determine when to send training notifications or reminders to your users.
Training Status Overview by User Group
Description: This report displays the total number of users by group in each training status for all campaigns.
Filters: User Groups and Date Range.
Use Case: You can use this report to keep your users or specific groups on track with their training. This information can help you determine when to send training notifications or reminders to your users.
Training Status by Campaign
Description: This report shows you the training statuses of the users in the selected campaigns.
Filters: Training Campaigns, User Groups, and Date Range.
Use Case: You can use this report to keep your users on track with their training. This information can help you determine when to send training notifications or reminders to your users.
Training Comparison Reports
Phish-prone Percentage Comparison
Description: This report displays the average Phish-prone Percentage for users who have taken training (trained) and users who haven't taken training (untrained) in the selected accounts or groups.
Filters: User Groups and Date Range.
Use Case: You can use this report to see how training affects your users by comparing the Phish-prone Percentage of untrained and trained users. This information may help you when you plan your training campaigns and when you select training content.
Risk Score Comparison
Description: This report displays the average Risk Score for users who have taken training (trained) and users who haven't taken training (untrained) in the selected accounts or groups.
Filters: User Groups and Date Range.
Use Case: You can use this report to see how training affects your users by comparing the Risk Score of untrained and trained users. This information may help you when you plan training campaigns and when you select training content.
Training Hours Reports
Description: This report displays the number of hours selected users have spent training. Training hours include any time spent on an assignment, regardless of completion status.
Filters: User Groups and Date Range.
Use Case: You can use this report to identify users who haven’t spent enough time working on their security awareness training. The number of training hours spent can reflect in a user’s Phish-prone Percentage or explain why a user is failing phishing tests.
Security Awareness Proficiency Assessment Reports
Our available Security Awareness Proficiency Assessment Reports are listed below. For more information about the Security Awareness Proficiency Assessment, or SAPA, see our What Is the Security Awareness Proficiency Assessment? article.
Risk Score by Assessment Score
Description: This report compares the assessment score and the Risk Score for the selected groups.
Filters: User Groups and Date Range.
Use Case: This report shows you how your users’ average assessment scores compare to their average Risk Scores. This information may help you when you plan training campaigns or select training content.
User Count by Assessment Score
Description: This report displays the number of selected users with scores in each assessment score range.
Filters: User Groups and Date Range.
Use Case: You can use this report to see how many users scored within a particular range on their assessment. This information may help you when you plan training campaigns or select training content.
Assessment Score by Knowledge Area
Description: This report displays the average assessment score for the selected groups and knowledge areas.
Filters: Knowledge Areas, User Groups, and Date Range.
Use Case: You can use this report to compare the assessment scores for each of the seven knowledge areas. This information may help you when you plan training campaigns or select training content.
Assessment Score by Knowledge Area Over Time
Description: This report displays the average assessment score for the selected groups and knowledge areas over time.
Filters: Knowledge Areas, User Groups, and Date Range.
Use Case: You can use this report to see how the assessment scores for the seven knowledge areas have changed over time. This information may help you when you plan training campaigns or select training content.
Security Culture Survey Reports
Our available Security Culture Survey Reports are listed below. For more information about the Security Culture Survey, or SCS, see our What Is the Security Culture Survey? article.
Risk Score by Culture Score
Description: This report displays the culture score and Risk Score of each selected group.
Filters: User Groups and Date Range.
Use Case: You can use this report to see how your organization's culture score compares to your Risk Score. This information may help you improve your organization’s security culture.
User Count by Culture Score
Description: This report displays the number of selected users who scored within each culture score range.
Filters: User Groups and Date Range.
Use Case: You can use this report to see how many users scored within a particular range on their Security Culture Survey. This information may help you improve your organization’s security culture.
Survey Score by Dimension
Description: This report displays the average culture score for the selected users and the selected dimensions.
Filters: Dimensions, User Groups, and Date Range.
Use Case: You can use this report to compare your scores for each of the seven dimensions. This information may help you improve your organization’s security culture.
Survey Score by Dimension Over Time
Description: This report displays the average culture score for the selected users and dimensions over time.
Filters: Dimensions, User Groups, and Date Range.
Use Case: You can use this report to see how the culture score for the seven dimensions has changed over time. This information may help you develop your organization’s security culture.
Unphished and Untrained User Reports
Unphished Users
Description: This report displays a list of users who have not received a simulated phishing test email.
Filters: Date Range.
Use Case: You can use this report to identify users who haven’t been sent a phishing test. This information may help you plan future phishing campaigns.
Incomplete Training
Description: This report displays a list of all users who have not completed any of their assigned training.
Filters: Date Range.
Use Case: You can use this report to see which of your users haven’t completed their security awareness training. This information may help you plan future training campaigns and discover potential gaps in your users’ training.
No Training Assigned
Description: This report displays a list of all users who have not been assigned training.
Filters: Date Range.
Use Case: You can use this report to see which of your users haven’t been assigned security awareness training. This information may help you plan your training campaigns and discover potential gaps in your users’ training.
Training Not Started
Description: This report displays a list of all users who have not started their assigned training.
Filters: Date Range.
Use Case: You can use this report to see which of your users haven’t started their security awareness training. You can use this information to send out training notifications and reminders to specific users.
User Count and Login Counts
User Count
Description: This report displays the number of active users in the selected groups.
Filters: User Groups and Date Range.
Use Case: You can use this report to see how your user count changes over time or to review all of your active users.
User Login Activity
Description: This report displays the login activity of active users for the selected groups.
Filters: User Groups and Date Range.
Use Case: You can use this report to view all user login activity across multiple groups. This information may help you determine which groups have not been logging in to take their security awareness training.
Phishing Results by User Count
Phish-prone Percentage by User Count
Description: This report displays the number of users within the selected groups in each Phish-prone Percentage range.
Filters: User Groups.
Use Case: You can use this report to see how many users have a specific Phish-prone Percentage. This information can help you enroll users in security awareness training if they have a higher Phish-prone Percentage.
Failure Type by User Count
Description: This report displays the types of phishing test failures recorded for users within the specified date range. The number of failures for each failure type is included.
Filters: User Groups and Date Range.
Use Case: You can use this report to see which attack vectors your users are most vulnerable to, such as attachments or links. You can use this information to enroll users in training or test your users based on specific vulnerabilities.
Frequently Asked Questions (FAQs)
Question: What options are available for the Date Range field?
Answer: See the chart below for an explanation of the available options for the Date Range field:
|
Date Range |
Description |
|
Entire History |
Pulls data that matches the specified criteria and occurred between the time the account was created to now. |
|
This Week to Date |
Pulls data that matches the specified criteria and occurred between the last Sunday to now. |
|
This Month to Date |
Pulls data that matches the specified criteria and occurred between the last day of the month to now. |
|
Last Year |
Pulls data that matches the specified criteria and occurred between January first of last year to January first of this year. |
|
Last Quarter |
Pulls data that matches the specified criteria and occurred between the last business quarter. For example, January to March, April to June, July to September, and October to December. |
|
Last Month |
Pulls data that matches the specified criteria and occurred during the last calendar month. |
|
Last 6 Months |
Pulls data that matches the specified criteria and occurred during the last six months including the current month. |
|
Year to Date |
Pulls data that matches the specified criteria and occurred between January first of this year to now. |
|
Custom Date |
Pulls data that matches the specified criteria and occurred during the specified time frame. |
Question: Which reports show archived user data?
Answer: All Phishing Activity Reports and Training Activity Reports have the option to include archived users. For more information on including archived user data in Phishing Activity Reports, see our How to Customize and View Phishing Activity Reports article. For more information on including archived user data in Training Activity Reports, see our How to Customize and View Training Activity Reports article.
You can also include archived user data in all reports on the Report subtab of the Phishing tab in your KMSAT console by enabling the Include Archived Users In Reports check box under Account Settings. For more information, see the Phishing Settings section of our How to Edit Your Account Settings article.
Comments
0 comments
Article is closed for comments.