# Reporting Commands

### Overview

This section lists all the commands in Keeper's Commander (CLI) that are related to reporting and audit logging. These command will give you details report related to breachwatch, team, user, node, records etc.

The following commands are currently supported by CLI and SDK:

* [Action Report Command](/keeperpam/commander-sdk/keeper-commander-sdks/sdk-command-reference/reporting-commands/action-report-command.md)
* [Audit Report Command](/keeperpam/commander-sdk/keeper-commander-sdks/sdk-command-reference/reporting-commands/audit-report-command.md)
* [User Report Command](/keeperpam/commander-sdk/keeper-commander-sdks/sdk-command-reference/reporting-commands/user-report-command.md)
* [Security Audit Report command](/keeperpam/commander-sdk/keeper-commander-sdks/sdk-command-reference/reporting-commands/security-audit-report-command.md)
* [Breach Watch Report Command](/keeperpam/commander-sdk/keeper-commander-sdks/sdk-command-reference/reporting-commands/breach-watch-report-command.md)
* [Share Report Command](/keeperpam/commander-sdk/keeper-commander-sdks/sdk-command-reference/reporting-commands/share-report-command.md)
* [Share Records Report Command](/keeperpam/commander-sdk/keeper-commander-sdks/sdk-command-reference/reporting-commands/shared-records-report-command.md)
* [MSP Legacy Report Command](/keeperpam/commander-sdk/keeper-commander-sdks/sdk-command-reference/reporting-commands/msp-legacy-report-command.md)
* [External Shares Report Command](/keeperpam/commander-sdk/keeper-commander-sdks/sdk-command-reference/reporting-commands/external-shares-report-command.md)
* [Audit Log Report Command](/keeperpam/commander-sdk/keeper-commander-sdks/sdk-command-reference/reporting-commands/audit-log-report-command.md)
* [Aging Report Command](/keeperpam/commander-sdk/keeper-commander-sdks/sdk-command-reference/reporting-commands/aging-report-command.md)
* [Risk Management Command](/keeperpam/commander-sdk/keeper-commander-sdks/sdk-command-reference/reporting-commands/risk-management-report-command.md)
* [File Report Command](/keeperpam/commander-sdk/keeper-commander-sdks/sdk-command-reference/reporting-commands/file-report-command.md)

***

### User Report Command

Generates an ad-hoc user status report, with options to choose the output format and destination, filter users by last login within a specified number of days, and optionally simplify the report to display only last-login information.

<details>

<summary>DotNet CLI</summary>

**Command:** Coming Soon

</details>

<details>

<summary>DotNet SDK</summary>

**Function:** Coming Soon

</details>

<details>

<summary>Power Commander</summary>

**Command:** Coming Soon

</details>

<details>

<summary>Python CLI</summary>

**Command:** `user-report`

**Flag:**

* `--format` format of output {table,csv,json}.
* `--output` output path to resulting output file (ignored for "table" format)
* `--days` days to look back for last login (0 = no limit). Default: 365
* `--last-login, -l` Simplify report to show only last-login info

**Example:**

```
My Vault> user-report --days 20 --last-login --format json --output json
```

</details>

<details>

<summary>Python SDK</summary>

**Function:**

```python
def generate_report(self) -> List[UserReportEntry]:
        """Generate the user report."""
        users = list(self._enterprise_data.users.get_all_entities())
        active_usernames = [u.username.lower() for u in users if u.status == 'active']
```

</details>

### Security Audit Report Command

Generates a password security strength report for enterprise users, with options to filter by nodes, choose output format and destination, include BreachWatch data (if enabled), control score calculation, save or display updated audit results, attempt fixes for invalid security data, and run in non-interactive mode when required.

<details>

<summary>DotNet CLI</summary>

**Command:** Coming Soon

</details>

<details>

<summary>DotNet SDK</summary>

**Function:** Coming Soon

</details>

<details>

<summary>Power Commander</summary>

**Command:** Coming Soon

</details>

<details>

<summary>Python CLI</summary>

**Command:** `security-audit-report`

**Flag:**

* `--format` format of output {table, csv, json}.
* `--output` output path to resulting output file (ignored for "table" format)
* `--syntax-help` display help
* `-n, --node` node name(s) or UID(s) of node(s) to filter results of the report by
* `-b, --breachwatch` display BreachWatch report. Ignored if BreachWatch is not active.
* `-s, --save` save updated security audit reports
* `-su, --show-updated` show updated data
* `-st, --score-type` define how score is calculated {strong\_passwords, default}.
* `--attempt-fix` do a "hard" sync for vaults with invalid security-data. Associated security scores are reset and will be inaccurate until affected vaults can re-calculate and update their security data.
* `-f, --force` skip confirmation prompts (non-interactive mode)

**Example:**

```
My Vault> security-audit-report --format json --output security_score.json
My Vault> security-audit-report --score-type=strong_passwords --save
```

</details>

<details>

<summary>Python SDK</summary>

**Function:**

```python
def _get_updated_security_report_row(
        self,
        sr: APIRequest_pb2.SecurityReport,
        last_saved_data: Dict[str, int],
        current_email: str
    ) -> Dict[str, int]:
```

</details>

### Share Report Command

Shows a detailed report of records shared **with and by the caller**, supporting multiple output formats and filters, including record or user selection, ownership and share-date details (for authorized users), shared folder information, verbose output, and optional inclusion of team users for shared folders.

<details>

<summary>DotNet CLI</summary>

**Command:** Coming Soon

</details>

<details>

<summary>DotNet SDK</summary>

**Function:** Coming Soon

</details>

<details>

<summary>Power Commander</summary>

**Command:** Coming Soon

</details>

<details>

<summary>Python CLI</summary>

**Command:** `share-report`

**Flag:**

* `--format` format of output {table,csv,json}.
* `--output` output path to resulting output file (ignored for "table" format)
* `-r, --record` record name or UID
* `-e, --email` user email or team name
* `-o, --owner` record ownership information
* `--share-date` include date when the record was shared. This flag will only apply to the detailed owner report. This data is available only to those users who have permissions to execute reports for their company. Example of the report that includes shared date: `share-report -v -o --share-date --format table`
* `-sf, --shared-folders` display shared folder detail information. If omitted then records.
* `-v, --verbose` display verbose information
* `-f, --folders` limit report to shared folders (excludes shared records)
* `-tu, --show-team-users` show shared-folder team members (to be used with "--folders"/ "-f" flag, ignored for non-admin accounts)

**Example:**

```
My Vault> share-report --email <email>
My Vault> share-report --record 
```

</details>

<details>

<summary>Python SDK</summary>

**Function:**

```python
def generate_report(self) -> List[SharedRecordReportEntry]:
        """Generate the shared records report.
        
        Returns:
            List of SharedRecordReportEntry objects containing share information
        """
        records = self._get_records_to_report()
        if not records:
            return []
```

</details>

### Shared Record Report Command

Displays information about shared records, limited to those shared by the caller with other users and excluding records shared with the caller by others..

<details>

<summary>DotNet CLI</summary>

**Command:** Coming Soon

</details>

<details>

<summary>DotNet SDK</summary>

**Function:** Coming Soon

</details>

<details>

<summary>Power Commander</summary>

**Command:** Coming Soon

</details>

<details>

<summary>Python CLI</summary>

**Command:** `shared-record-report`

**Alias:** `srr`

**Flag:**

* `--format` format of output {table,csv,json}.
* `--output` Output path to resulting output file (ignored for "table" format)
* `-tu, --show-team-users` show members of team for records shared via share team folders.
* `--all-records` report on all records in the vault. only owned records are included if this argument is omitted.

**Example:**

```
My Vault> shared-records-report --all-records --format json --output json
```

</details>

<details>

<summary>Python SDK</summary>

**Function:**

```python
def generate_shared_folders_report(self) -> List[SharedFolderReportEntry]:
        """Generate a report of shared folders and their permissions.
        
        Returns:
            List of SharedFolderReportEntry objects containing folder share information
        """
        entries: List[SharedFolderReportEntry] = []
```

</details>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.keeper.io/keeperpam/commander-sdk/keeper-commander-sdks/sdk-command-reference/reporting-commands.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.