Click Change View to select a predefined view.
Predefined views include Default, Taxonomy, Reputation, Detail, Risk Analysis, and IDM. Each view displays the same events but with different columns.
Alternatively, click Change View and then select Create New View.
Click Change View again and select Edit Current View.
In Edit Current View, click Save as Report Module at the bottom.
Go to Reports > All Reports, click Modules, and then expand Custom Security Events.
See the new module listed. It has the same name as the custom view.
To generate the report, click the blue arrow next to the module's name, and then go through the Report Wizard.
Notice that the report module, Custom Security Events - <name of your custom view>, is already selected for you.
Run a report following the instructions in Modify Built-in Reports.
In Step 3 of the wizard, locate the module you want to duplicate, change the parameters of the module as desired, and then click Add as a New Report Module.
In Add a New Subreport, type a name and click Add.
Sheriff CSM saves the module with the changed parameters.
Create a new report. For instructions, see Create Custom Reports.
In Step 1 of the wizard, search for the module you just saved, and then add it to your report.
Add more modules if you want and finish running the wizard.