# Risk Management Report Command ### Risk Management Command This command/function helps to Generate risk management reports from Keeper's Risk Management Dashboard (RMD) APIs.

DotNet CLI

**coming soon**

DotNet SDK

Comming Soon

PowerCommander

**Command:** `Get-KeeperRiskManagementReport` **Alias:** `risk-report` **Parameters**

Parameter	Default	Description
`-Action`	`enterprise-stat`	The report action to perform. See Actions below.
`-AuditEventType`	—	Audit event type name (e.g. `"bw_record_high_risk"`) or numeric ID. Required for `security-alerts-detail`. Use `security-alerts-summary` to discover available event types.
`-BenchmarkFields`	—	Benchmark fields to set, specified as `NAME:STATUS` pairs. Required for `security-benchmarks-set`.
`-Format`	`table`	Output format: `table`, `json`, or `csv`.
`-Output`	—	File path to write the report output to. When omitted, output is displayed in the console.
`-SyntaxHelp`	—	Display detailed syntax help text with all available options and examples.

**Actions**

Action	Description
`enterprise-stat`	Enterprise-wide summary showing the number of users who recently logged in and the number of users with records. This is the default action.
`enterprise-stat-details`	Per-user breakdown showing each user's last login timestamp and whether they have records in their vault.
`security-alerts-summary`	Summary of security alert events over the current and previous 30-day periods, including event occurrence counts, unique user counts, and trend indicators.
`security-alerts-detail`	Detailed per-user breakdown for a specific audit event type. Requires the `-AuditEventType` parameter. Shows each user's current and previous occurrence counts and the last occurrence timestamp.
`security-benchmarks-get`	Retrieves the current status of all enterprise security benchmarks, including their status (`RESOLVED`, `IGNORED`, or `UNRESOLVED`), last updated timestamp, and auto-resolve setting.
`security-benchmarks-set`	Updates the status of one or more security benchmarks. Requires the `-BenchmarkFields` parameter with `NAME:STATUS` pairs.

**Security Benchmark Names** The following benchmark names are valid for `security-benchmarks-get` and `security-benchmarks-set`: | Benchmark Name | Description | | --------------------------------------------------- | ---------------------------------------------------- | | `SB_DEPLOY_ACROSS_ENTIRE_ORGANIZATION` | Deploy Keeper across the entire organization | | `SB_ENFORCE_STRONG_MASTER_PASSWORD` | Enforce strong master password policy | | `SB_PREVENT_INSTALLATION_OF_UNTRUSTED_EXTENSIONS` | Prevent installation of untrusted browser extensions | | `SB_ENSURE_TWO_FACTOR_AUTHENTICATION_FOR_END_USERS` | Ensure two-factor authentication for end users | | `SB_ENABLE_ACCOUNT_TRANSFER_POLICY` | Enable account transfer policy | | `SB_CONFIGURE_IP_ALLOWLISTING` | Configure IP allowlisting | | `SB_REDUCE_ADMINISTRATOR_PRIVILEGE` | Reduce administrator privilege | | `SB_CREATE_ALERTS` | Create security alerts | | `SB_ENSURE_OUTSIDE_SSO_ADMINISTRATOR_EXISTS` | Ensure an outside-SSO administrator exists | | `SB_DISABLE_BROWSER_PASSWORD_MANAGERS` | Disable browser password managers | | `SB_LOCK_DOWN_SSO_PROVIDER` | Lock down SSO provider | | `SB_DISABLE_ACCOUNT_RECOVERY` | Disable account recovery | | `SB_CREATE_AT_LEAST_TWO_KEEPER_ADMINISTRATORS` | Create at least two Keeper administrators | | `SB_ENFORCE_LEAST_PRIVILEGE_POLICY` | Enforce least privilege policy | | `SB_ENSURE_TWO_FACTOR_AUTHENTICATION_ADMIN_USERS` | Ensure two-factor authentication for admin users | Valid benchmark statuses: `RESOLVED`, `IGNORED`, `UNRESOLVED` **Examples:** {% code overflow="wrap" %} ```powershell PS > Get-KeeperRiskManagementReport Users Enterprise Stat Metric Value ------ ----- Logged In (Recent) 11 Has Records 15 PS > Get-KeeperRiskManagementReport -Action enterprise-stat-details Enterprise Stat Details Username LastLoggedIn HasRecords -------- ------------ ---------- test1@example.com 2026-03-27 16:50:49 True test2@example.com 2026-04-17 10:16:56 True test3@example.com 2026-04-16 15:58:02 True ``` {% endcode %}

Python CLI

Comming Soon

Python SDK

Comming Soon

--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.keeper.io/keeperpam/commander-sdk/keeper-commander-sdks/sdk-command-reference/reporting-commands/risk-management-report-command.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.