Using Reports

Reporting Guide

You can use our Reporting feature to view actionable metrics and insights into the effectiveness of your security awareness training. From the Reports tab of your KnowBe4 console, you can create and customize reports to meet your organization's needs. These reports will help you understand where you need to improve your security awareness program to strengthen your human firewall.

You can filter each report by specific criteria and download your reports as PDF files or CSV files. The timestamp on our reports is in UTC format.

Read the article below to learn about creating reports, the different report categories and types, and frequently asked questions. If you prefer video tutorials, you can also watch our Reporting video.

Creating Reports

On the Reports tab of your console, you can view and customize reports to fit your organization’s needs. The Reports subtab includes cards for each type of report. To find a report, you can scroll through the cards, search by keyword, or filter by category. To add a report to the Favorite Reports section at the top of the page, click on the star icon next to the report’s name.

To create a report, follow the steps below:

  1. Once you find the report you would like to view, click on the report name.
  2. When the report opens, filter the data by defining the report type and criteria from the drop-down menus. Learn more about the available report types and criteria in the Report Categories and Types section of this article.
  3. Once customized, click View Report to update the report.

If you would like to download the report, you can scroll down to the bottom of the page and click on one of the two download options. You can click either Download Report to download the report as a PDF file or Generate CSV to download the report as a CSV file. Downloaded reports will be in the language of the user who initiated the download.

Note:When your downloaded report is ready to be viewed, a bell icon will appear at the top-right corner of your console. Once you see this bell icon, your downloaded report will be available in the Download Center. For more information, see our Download Center Guide.

Report Categories and Types

We offer several different report categories, report types, and filters to help you customize your reports. To learn more about our available categories, types, filters, and suggested use cases, click on a report category or specific report from the list below.

Important:The IP addresses that appear in your reports are the IP addresses where your users last logged in from.
Risk Score Reports

Group and User Report Cards

Phishing Activity

Phish-prone Percentage Reports

Failure Types

Phish-failure Percentage Reports

Email Templates Sent Reports

Failures by Phishing Template

Learner Platform Reports

Training Activity

Training Content Survey

Training Status Overview Reports

Training Status by Campaign

Training Comparison Reports

Training Hours Reports

Security Awareness Proficiency Assessment Reports

Security Culture Survey Reports

Unphished and Untrained User Reports

User Count and Login Reports

Phishing Results by User Count

Risk Score Reports

Our available Risk Score Reports are listed below. For more information about how Risk Scores are calculated, see our Risk Score Guide.

Risk Score by Group

Description: This report displays the average Risk Score of the selected users.

Filters: User Groups and Date Range.

Use Case: You can use this report to determine your most at-risk users or groups so you can adjust or modify their security awareness training.

Back to list

Risk Score by Location

Description: This report displays the average Risk Score of the selected users by location.

Filters: Locations and Date Range.

Use Case: You can use this report to identify risk patterns by location and learn which locations may need adjustments to their security awareness training. This information may also help you determine if your organization needs more localized training content.

Back to list

Risk Score by Riskiest User

Description: This report displays the 10 users with the highest Risk Score in the selected accounts or groups.

Filters: User Groups and Date Range.

Use Case: You can use this report to determine your most at-risk users so that you know which users may need their security awareness training adjusted.

Back to list

Group and User Report Cards

Group Report Cards

Description: This report displays a summary of the following reports: Group Risk Score, Group Phish-prone Percentage, Group User Count, Top 5 Clicked Templates, and Training Status.

Filters: Group and Date Range.

Use Case:You can use this information as an executive summary to show overall organization risk and the status of your security awareness training.

Note:Group Report Cards can only be downloaded as PDF files.

Back to list

User Report Cards

Description: This report displays a summary of the following reports for a specific user: User Risk Score, User Phish-prone Percentage, Top 5 Clicked Emails, and Training Status.

Filters: User and Date Range.

Use Case: You can use this information as part of an employee's performance review to determine the employee's level of risk to the organization and their security awareness training progress.

Note:User Report Cards can only be downloaded as PDF files.

Back to list

Phishing Activity

Description: This report displays your organization's phishing activity by PST.

Filters: Report Type, Phishing Campaigns, User Groups, Date Range, Phishing Security Test Outcome, User Status, Exclude User Groups, and Template Attack Vectors

Use Case: You can use this report to view comprehensive data about your users' overall PST results.

To learn more about the phishing activity report, see our How to Customize and View Phishing Activity Reports article.

Phish-prone Percentage Reports

Our available Phish-prone Percentage Reports are listed below. For more information about how Phish-prone Percentages are calculated, see our How Is Phish-prone Percentage Calculated? article.

Phish-prone Percentage by Group

Description: This report shows the average Phish-prone Percentage for the selected users.

Filters: User Groups and Date Range.

Use Case: You can use this report to see how vulnerable a specific group is to phishing attacks. This information can help you determine if a specific group needs more training time and if their Phish-prone Percentage has improved over time.

Back to list

Phish-prone Percentage by Training Time

Description: This report compares the time your users have spent reviewing training content to the average Phish-prone Percentage for the selected accounts or groups.

Filters: User Groups and Date Range.

Use Case: You can use this report to see how time spent in security awareness training affects Phish-prone Percentage for the selected accounts or groups. You can then use this information to determine if you need to make adjustments to your security awareness training plan.

Back to list

Campaign Phish-prone Percentage

Description: This report displays the average Phish-prone Percentage for specific campaigns.

Filters: Campaigns, User Groups, and Date Range. You can also select the Combine Results check box to see the average Phish-prone Percentage across multiple campaigns or groups. The report will display the Phish-prone Percentage over time for the combined results. If you only select one campaign, the report will show as a pie graph.

Note:If you select All Users from the User Groups drop-down menu instead of specific groups, your organization’s overall Phish-prone Percentage for the selected campaign or campaigns will be displayed.

Use Case: You can use this report to identify which phishing campaign or campaigns caused the most phishing test failures. This information can help you identify what type of training your users need or the type of attack method your users are most vulnerable to.

Back to list

Initial Phish-prone Percentage

Description: This report displays the average Phish-prone Percentage for your users' first phishing tests.

Filters: Date Range.

Use Case: You can use this information as a baseline to see how likely your users are to fail a phishing attack before you enroll your users in security awareness training.

Back to list

Failure Types Report

Description: This report displays the number of failure types by campaign for the selected users.

Filters: Specific Campaigns, User Groups, and Date Range.

Use Case: You can use this report to identify the ways your users failed the selected campaigns. This information can help you see which attack vectors your users are most susceptible to.

Back to list

Phish-failure Percentage Reports

Our available Phish-failure Percentage Reports are listed below. For more information about how Phish-failure Percentage is calculated, see our How Is Phish-failure Percentage Calculated? article.

Overall Phish-failure Percentage

Description: This report displays the average Phish-failure Percentage for the selected users.

Available Filters: User Groups and Date Range.

Use Case: You can use this report to see how likely a specific group is to fail a phishing attack. This information can help you determine if your users need more training time or if their Phish-failure Percentage has improved over time.

Back to list

Campaign Phish-failure Percentage

Description: This report displays the average Phish-failure Percentage by selected campaigns for the selected users.

Filters: Campaigns, User Groups, and Date Range. You can also select the Combine Results check box to see the average Phish-failure Percentage across multiple campaigns or groups. The report will display the Phish-failure Percentage over time for the combined results.

Note:If you select All Users from the User Groups drop-down menu instead of specific groups, your organization’s overall Phish-failure Percentage for the selected campaign or campaigns will be displayed.

Use Case: You can use this report to identify which phishing campaign or campaigns caused the most users to fail. This information can help you identify which of your users need additional training or which campaign caused the most phishing failures.

Back to list

Email Templates Sent Reports

Emails Sent by Template

Description: This report displays statistics for the selected email templates. If you have not used the selected templates, you will not see results.

Available Filters: Email Template and Date Range.

Use Case: You can use this report to keep track of the email templates that you have used and to determine which templates cause the most failures among your users. For example, if your users have very few failures but you have only sent templates with one-star difficulty ratings, you may want to send templates with higher difficulty ratings.

Back to list

Emails Sent by Group

Description: This report displays email statistics for the selected groups.

Available Filters: User Groups and Date Range.

Use Case: You can use this report to keep track of how many email templates a specific group has received and the overall effectiveness of your phishing campaigns. This information may help you identify how often a specific group is enrolled in phishing campaigns.

Back to list

Failures by Phishing Template Report

Description: This report shows you the percentage of users who failed the phishing test with a specific failure type for the selected campaigns. This report is organized by phishing templates within the selected campaigns. The graph shows the number of failures by failure type.

Filters: Phishing Campaigns and Date Range.

Use Case: You can use this report to see the type of failures your users are most likely to make. This information can help you determine the types of attack vectors that your users are most vulnerable to so that you can create more targeted phishing and training campaigns.

Back to list

Learner Platform Reports

Description: This report displays the percent of completed training by platform.

Filters: Report Type, Training Campaigns, User Groups, Date Range, Content Types, Platform, User Status, and Exclude User Groups

Use Case: You can use this report to view comprehensive data about which platforms your learners are using to complete their training.

This report has an accompanying widget that will display on your Dashboard tab. For more information, see our Dashboard article.

Back to list

Training Activity

Description: This report displays your organization's training activity by training enrollment.

Filters: Report Type, Training Campaigns, User Groups, Date Range, Content Types, Training Status, and User Status

Use Case: You can use this report to view comprehensive data about your users' overall training activity.

To learn more about the training activity report, see our How to Customize and View Training Activity Reports article.

Back to list

Training Content Survey

Description: This report displays your organization's training survey results by campaign or content.

Filters: Report Type, Training Campaigns, Courses, Date Range

Use Case: You can use this report to determine what training content is most effective for your users. This information can help you select training content for your campaigns.

Back to list

Training Status Overview Reports

Training Status Overview by Campaign

Description: This report displays the training status of the users in the selected campaigns.

Filters: Training Campaigns and Date Range.

Use Case: You can use this report to keep your users on track with their training. This information can help you determine when to send training notifications or reminders to your users.

Back to list

Training Status Overview by Course

Description: This report shows you the training status of your users for the selected campaigns organized by the courses assigned to those campaigns. It displays the total number of users for each course.

Filters: Training Campaigns and Date Range.

Use Case: You can use this report to keep your users on track with their training courses. This information can help you determine when to send training notifications or reminders to your users.

Back to list

Training Status Overview by User Group

Description: This report displays the total number of users by group in each training status for all campaigns.

Filters: User Groups and Date Range.

Use Case: You can use this report to keep your users or specific groups on track with their training. This information can help you determine when to send training notifications or reminders to your users.

Back to list

Training Status by Campaign

Description: This report shows you the training statuses of the users in the selected campaigns.

Filters: Training Campaigns, User Groups, and Date Range.

Use Case: You can use this report to keep your users on track with their training. This information can help you determine when to send training notifications or reminders to your users.

Back to list

Training Comparison Reports

Phish-prone Percentage Comparison

Description: This report displays the average Phish-prone Percentage for users who have taken training (trained) and users who haven't taken training (untrained) in the selected accounts or groups.

Filters: User Groups and Date Range.

Use Case: You can use this report to see how training affects your users by comparing the Phish-prone Percentage of untrained and trained users. This information may help you when you plan your training campaigns and when you select training content.

Back to list

Risk Score Comparison

Description: This report displays the average Risk Score for users who have taken training (trained) and users who haven't taken training (untrained) in the selected accounts or groups.

Filters: User Groups and Date Range.

Use Case: You can use this report to see how training affects your users by comparing the Risk Score of untrained and trained users. This information may help you when you plan training campaigns and when you select training content.

Back to list

Training Hours Reports

Description: This report displays the number of hours selected users have spent training. Training hours include any time spent on an assignment, regardless of completion status.

Filters: User Groups and Date Range.

Use Case: You can use this report to identify users who haven’t spent enough time working on their security awareness training. The number of training hours spent can reflect in a user’s Phish-prone Percentage or explain why a user is failing phishing tests.

Back to list

Security Awareness Proficiency Assessment Reports

Our available Security Awareness Proficiency Assessment Reports are listed below. For more information about the Security Awareness Proficiency Assessment, or SAPA, see our What Is the Security Awareness Proficiency Assessment? article.

Risk Score by Assessment Score

Description: This report compares the assessment score and the Risk Score for the selected groups.

Filters: User Groups and Date Range.

Use Case: This report shows you how your users’ average assessment scores compare to their average Risk Scores. This information may help you when you plan training campaigns or select training content.

Back to list

User Count by Assessment Score

Description: This report displays the number of selected users with scores in each assessment score range.

Filters: User Groups and Date Range.

Use Case: You can use this report to see how many users scored within a particular range on their assessment. This information may help you when you plan training campaigns or select training content.

Back to list

Assessment Score by Knowledge Area

Description: This report displays the average assessment score for the selected groups and knowledge areas.

Filters: Knowledge Areas, User Groups, and Date Range.

Use Case: You can use this report to compare the assessment scores for each of the seven knowledge areas. This information may help you when you plan training campaigns or select training content.

Back to list

Assessment Score by Knowledge Area Over Time

Description: This report displays the average assessment score for the selected groups and knowledge areas over time.

Filters: Knowledge Areas, User Groups, and Date Range.

Use Case: You can use this report to see how the assessment scores for the seven knowledge areas have changed over time. This information may help you when you plan training campaigns or select training content.

Back to list

Security Culture Survey Reports

Our available Security Culture Survey Reports are listed below. For more information about the Security Culture Survey, or SCS, see our What Is the Security Culture Survey? article.

Risk Score by Culture Score

Description: This report displays the culture score and Risk Score of each selected group.

Filters: User Groups and Date Range.

Use Case: You can use this report to see how your organization's culture score compares to your Risk Score. This information may help you improve your organization’s security culture.

Back to list

User Count by Culture Score

Description: This report displays the number of selected users who scored within each culture score range.

Filters: User Groups and Date Range.

Use Case: You can use this report to see how many users scored within a particular range on their Security Culture Survey. This information may help you improve your organization’s security culture.

Back to list

Survey Score by Dimension

Description: This report displays the average culture score for the selected users and the selected dimensions.

Filters: Dimensions, User Groups, and Date Range.

Use Case: You can use this report to compare your scores for each of the seven dimensions. This information may help you improve your organization’s security culture.

Back to list

Survey Score by Dimension Over Time

Description: This report displays the average culture score for the selected users and dimensions over time.

Filters: Dimensions, User Groups, and Date Range.

Use Case: You can use this report to see how the culture score for the seven dimensions has changed over time. This information may help you develop your organization’s security culture.

Back to list

Unphished and Untrained User Reports

Unphished Users

Description: This report displays a list of users who have not received a simulated phishing test email.

Important:If users have received emails that come from KnowBe4.com but have not yet been sent a simulated phishing email, they will be included in the report as unphished users. For example, users will be included in this report if they have received our Security Hints and Tips newsletters or Scam of the Week newsletters.

Filters: Date Range.

Use Case: You can use this report to identify users who haven’t been sent a phishing test. This information may help you plan future phishing campaigns.

Back to list

Incomplete Training

Description: This report displays a list of all users who have not completed any of their assigned training.

Filters: Date Range.

Use Case: You can use this report to see which of your users haven’t completed their security awareness training. This information may help you plan future training campaigns and discover potential gaps in your users’ training.

Back to list

No Training Assigned

Description: This report displays a list of all users who have not been assigned training.

Filters: Date Range.

Use Case: You can use this report to see which of your users haven’t been assigned security awareness training. This information may help you plan your training campaigns and discover potential gaps in your users’ training.

Back to list

Training Not Started

Description: This report displays a list of all users who have not started their assigned training.

Filters: Date Range.

Use Case: You can use this report to see which of your users haven’t started their security awareness training. You can use this information to send out training notifications and reminders to specific users.

Back to list

User Count and Login Reports

User Count

Description: This report displays the number of active users in the selected groups.

Filters: User Groups and Date Range.

Use Case: You can use this report to see how your user count changes over time or to review all of your active users.

Back to list

User Login Activity

Description: This report displays the login activity of active users for the selected groups.

Filters: User Groups and Date Range.

Use Case: You can use this report to view all user login activity across multiple groups. This information may help you determine which groups have not been logging in to take their security awareness training.

Back to list

Phishing Results by User Count

Phish-prone Percentage by User Count

Description: This report displays the number of users in each Phish-prone Percentage range by group. To be counted in this report, users must have received a phishing test.

Filters: User Groups.

Use Case: You can use this report to see how many users have a specific Phish-prone Percentage. This information can help you enroll users in security awareness training if they have a higher Phish-prone Percentage.

Back to list

Failure Type by User Count

Description: This report displays the types of phishing test failures recorded for users within the specified date range. The number of failures for each failure type is included.

Filters: User Groups and Date Range.

Use Case: You can use this report to see which attack vectors your users are most vulnerable to, such as attachments or links. You can use this information to enroll users in training or test your users based on specific vulnerabilities.

Back to list

Frequently Asked Questions (FAQs)

Question: What options are available for the Date Range field?

Answer: See the chart below for an explanation of the available options for the Date Range field:

Date Range Description
This Week to Date Pulls data that matches the specified criteria and occurred between the last Sunday to now.
This Month to Date Pulls data that matches the specified criteria and occurred between the last day of the month to now.
Last Year Pulls data that matches the specified criteria and occurred between January first of last year to January first of this year.
Last Quarter Pulls data that matches the specified criteria and occurred between the last business quarter. For example, January to March, April to June, July to September, and October to December.
Last Month Pulls data that matches the specified criteria and occurred during the last calendar month.
Last 6 Months Pulls data that matches the specified criteria and occurred during the last six months including the current month.
Year to Date Pulls data that matches the specified criteria and occurred between January first of this year to now.
Custom Date Pulls data that matches the specified criteria and occurred during the specified time frame.

Question: Which reports show archived user data?

Answer: All Phishing Activity Reports and Training Activity Reports have the option to include archived users. For more information on including archived user data in Phishing Activity Reports, see our How to Customize and View Phishing Activity Reports article. For more information on including archived user data in Training Activity Reports, see our How to Customize and View Training Activity Reports article.

You can also include archived user data in all reports on the Report subtab of the Phishing tab in your KSAT console by enabling the Include Archived Users In Reports check box under Account Settings. For more information, see the Phishing Settings section of our How to Edit Your Account Settings article.

Can't find what you're looking for?

Contact Support