Security Audit Report Command
Security Audit Report
Generates a password security strength report for enterprise users, with options to filter by nodes, choose output format and destination, include BreachWatch data (if enabled), control score calculation, save or display updated audit results, attempt fixes for invalid security data, and run in non-interactive mode when required.
DotNet CLI
Command: security-audit-report
Parameter:
--node - Filter report results by enterprise nodes.
--show-updated - Recalculate and show updated security scores locally.
--save - Recalculate and save updated security scores to Keeper.
--force - Skip confirmation prompts (non-interactive mode).
--score-type - Choose scoring method: default or strong_passwords.
--breachwatch - Include Breach Watch metrics in the report (if enabled).
--attempt-fix - Reset invalid security data and trigger a fresh recalculation for affected users.
--format - Display the report in these formats json, table, csv
--output - Store the output in a file.
Examples:
My Vault> security-audit-report --format json --output security_score.jsonMy Vault> security-audit-report --score-type strong_passwords --save --forceMy Vault> security-audit-report --breachwatchPowerCommander
Command: Get-KeeperSecurityAuditReport
Parameter:
-Node - Filter report results by enterprise nodes.
-ShowUpdated - Recalculate and show updated security scores locally.
-Save - Recalculate and save updated security scores to Keeper.
-Force - Skip confirmation prompts (non-interactive mode).
-ScoreType - Choose scoring method: default or strong_passwords.
-BreachWatch - Include Breach Watch metrics in the report (if enabled).
-AttemptFix - Reset invalid security data and trigger a fresh recalculation for affected users.
-Format - Display the report in these formats json, table, csv
-Output - Store the output in a file.
Examples:
PS > Get-KeeperBreachWatchReport -Format csv -Output "breachwatch_report.csv"
PS > Get-KeeperSecurityAuditReport -ScoreType strong_passwords -Save -Force
Security scores pushed to Keeper.
Security Audit Report
Email Name Sync Pending Weak Fair Medium Strong Reused Unique Security Score 2FA Node
----- ---- ------------ ---- ---- ------ ------ ------ ------ -------------- --- ----
[email protected] test1 0 222 310 1084 926 690 67 Off Node A
[email protected] test1qa 14 1322 2249 7419 0 11004 67 Off Node A
[email protected] atest 0 0 0 0 0 0 0 Off Node A
[email protected] btest 0 1 0 2 0 3 67 Off Node A\Node B
PS > Get-KeeperSecurityAuditReport -BreachWatch
Security Audit Report (BreachWatch)
Email Name Sync Pending At Risk Passed Ignored
----- ---- ------------ ------- ------ -------
[email protected] test1 170 1446 0
[email protected] testqa 4 0 0
[email protected] atest 0 0 0
[email protected] btest 0 3 0Python CLI
Command: security-audit-report
Flag:
--formatformat of output {table, csv, json}.--outputoutput path to resulting output file (ignored for "table" format)--syntax-helpdisplay help-n, --nodenode name(s) or UID(s) of node(s) to filter results of the report by-b, --breachwatchdisplay BreachWatch report. Ignored if BreachWatch is not active.-s, --savesave updated security audit reports-su, --show-updatedshow updated data-st, --score-typedefine how score is calculated {strong_passwords, default}.--attempt-fixdo a "hard" sync for vaults with invalid security-data. Associated security scores are reset and will be inaccurate until affected vaults can re-calculate and update their security data.-f, --forceskip confirmation prompts (non-interactive mode)
Example:
My Vault> security-audit-report --format json --output security_score.json
My Vault> security-audit-report --score-typLast updated
Was this helpful?