> ## Documentation Index
> Fetch the complete documentation index at: https://docs.petrasecurity.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Tenant Report

> Everything Petra identifies, including M365 incidents, failed attacks, uncommon activities, and spotlighted investigations can be compiled into a white-labeled PDF report.

## Getting to the Report Builder

1. From the **Homepage**, navigate to the **Reporting** tab in the top navigation bar.
2. Click the **Report Builder** button in the top right.
3. Select the tenant in the top left corner of the report builder.
4. Choose a date range using the date picker. Presets include Last 30 days, Last 3 months, Last 6 months, Month to date, and more.

<Frame caption="">
  <img src="https://mintcdn.com/petrasecurity-7f411ce9/FbukLCiw2zkqhqG8/images/report_builder_button.png?fit=max&auto=format&n=FbukLCiw2zkqhqG8&q=85&s=9bcd22424b170f28b54514953f59f81b" width="3424" height="1996" data-path="images/report_builder_button.png" />
</Frame>

The report preview generates in real-time as you change the tenant or date range.

<Frame caption="">
  <img src="https://mintcdn.com/petrasecurity-7f411ce9/FbukLCiw2zkqhqG8/images/report_first_page.png?fit=max&auto=format&n=FbukLCiw2zkqhqG8&q=85&s=c78d40344f3ac920c13281845f346de8" width="3428" height="1994" data-path="images/report_first_page.png" />
</Frame>

## Report Contents

The PDF includes your organization's branding (logo, name, contact email, and currency) along with:

* **Executive Summary**: A high-level overview of the tenant's security posture for the selected period.
* **Summary Metrics**: Number of analyzed events, identified failed attacks, involved countries, uncommon activities, and detected incidents.
* **Failed Attacks**: Specifics on targeted accounts, countries involved, and detailed insights into each unsuccessful intrusion attempt.
* **Uncommon Activity**: Anomalous activities that indicate unusual behavior but are not incidents. These make great talking points or launchpads for hardening initiatives.
* **Spotlighted Investigations**: Detailed analyses conducted by the Petra security team.
* **Incidents**: Any incidents that occurred during the report period. Full incident reports are included in the appendix.
* **Investigated Activity** (optional): Unusual login patterns and detection types that were investigated. See [Configuring Report Content](#configuring-report-content).

<Frame caption="">
  <img src="https://mintcdn.com/petrasecurity-7f411ce9/FbukLCiw2zkqhqG8/images/report_second_page.png?fit=max&auto=format&n=FbukLCiw2zkqhqG8&q=85&s=a468b5d651070c1bbb3f709c6764f659" width="3422" height="1994" data-path="images/report_second_page.png" />
</Frame>

<Frame caption="">
  <img src="https://mintcdn.com/petrasecurity-7f411ce9/FbukLCiw2zkqhqG8/images/report_sample_failed_attacks.png?fit=max&auto=format&n=FbukLCiw2zkqhqG8&q=85&s=afed8bb58690bd25a8af52fc48f59ede" width="3414" height="1992" data-path="images/report_sample_failed_attacks.png" />
</Frame>

<Frame caption="">
  <img src="https://mintcdn.com/petrasecurity-7f411ce9/FbukLCiw2zkqhqG8/images/report_uncommon_activity.png?fit=max&auto=format&n=FbukLCiw2zkqhqG8&q=85&s=a11861cbe39983e97a91818fb6b27896" width="3420" height="1994" data-path="images/report_uncommon_activity.png" />
</Frame>

## Downloading a Report

1. Within the **Report Builder**, select the tenant and date range.
2. Click **Download PDF**.
3. The PDF includes your organization's logo, name, contact email, tenant information, and the selected date range.

## Configuring Report Content

Click **Configure Report** in the Report Builder to open the configuration modal. This lets you fine-tune exactly what appears in the generated PDF.

<Frame caption="">
  <img src="https://mintcdn.com/petrasecurity-7f411ce9/txTVT1sLIspogrzL/images/report_builder_configuration.png?fit=max&auto=format&n=txTVT1sLIspogrzL&q=85&s=0143d7c0bc946e14d41337f263e9f0ee" width="3420" height="1960" data-path="images/report_builder_configuration.png" />
</Frame>

### High Value Accounts

Tag accounts like CEO, CFO, or billing managers as high value. High value accounts receive greater detail in the report, making it easy to show your client that their most important people are being watched.

1. Open the **High Value Accounts** tab in the configuration modal.
2. Search for a user by name or email.
3. Check the **High Value** checkbox next to the account.

### Hidden Accounts

Hide accounts that should be excluded from the report entirely, such as your own admin account or testing accounts.

1. Open the **Hidden Accounts** tab.
2. Search for a user by name or email.
3. Check the checkbox to omit the account from reports.

### Hidden Incidents

Hide specific incidents from the report, such as ones you have already surfaced to the client or that are not relevant.

1. Open the **Hidden Incidents** tab.
2. Check the checkbox next to any incident to exclude it.

### Other Settings

The **Other** tab includes:

* **Investigated Activity**: Toggle whether the investigated activity section appears in reports, and select which detection types to include (Impossible Travel, New Country, New ASN, Proxy Datacenter, Rare App, Rare OS, and more).
* **Branding shortcut**: A link to **Settings → Branding** where you can configure your logo and contact email (see [Customizing Report Branding](#customizing-report-branding) below).

## Scheduling Automated Monthly Reports

Petra can automatically send tenant security reports on the first of every month, covering the entire previous month. There are two ways to set this up depending on who should receive them.

### Sending Reports to Your Organization

Add internal email addresses that should receive a security report for **every tenant** on the first of every month.

1. Go to [Settings > Notifications](https://app.petrasecurity.com/settings).
2. Under **Automated Monthly Reports (Internal emails only)**, add email addresses.

These recipients receive a ZIP file containing a PDF report for each tenant. Reports are sent from `reports@petrasecurity.com`.

<Warning>
  These emails will receive security reports for **all of your tenants**. Only add emails within your organization.
</Warning>

### Sending Reports Directly to Tenants

Add tenant-specific email addresses so your clients receive their own security report each month.

1. Navigate to the tenant's page by clicking on the tenant from the Homepage.
2. Click the **Settings** (gear) icon to open the tenant settings modal.
3. Under **Tenant-Specific Monthly Reports**, add the client's email address.

<Frame caption="">
  <img src="https://mintcdn.com/petrasecurity-7f411ce9/1SxqHPksKyigGMEz/images/tenant-specific-monthly-report.png?fit=max&auto=format&n=1SxqHPksKyigGMEz&q=85&s=8b992fea4293ffc729eccbcfb2d3e2d5" width="3010" height="1538" data-path="images/tenant-specific-monthly-report.png" />
</Frame>

These recipients receive a PDF report for that specific tenant only. Reports are sent from `reports@petrasecurity.com`.

<Tip>
  Monthly reports are a great way to demonstrate ongoing value to your clients. If you manage tenants on behalf of clients, see [Co-Managed Tenants](/settings/co-managed-tenants) for how to give clients direct portal access alongside automated reports.
</Tip>

If you have configured a **PDF Export Contact Email** in **Settings → Branding**, it will be included as the reply-to address on tenant report emails so clients can respond directly to your organization.

## Downloading Previously Generated Reports

Every automated monthly report that Petra has generated is available for download in the **Reporting** tab under the **Automated Reports** sub-tab. Reports are stored as ZIP files, each containing a PDF for every tenant included in that month's run.

1. Navigate to the **Reporting** tab in the top navigation bar.
2. Click the **Automated Reports** tab.
3. Under **Security Report Artifacts**, find the report you want by date.
4. Click **Download** to get the ZIP file.

<Frame caption="">
  <img src="https://mintcdn.com/petrasecurity-7f411ce9/e1vrxuh0WBM4wmOZ/images/new_security_report.png?fit=max&auto=format&n=e1vrxuh0WBM4wmOZ&q=85&s=ee51451b5c40f78159636db5b3aa0e3f" width="3434" height="1858" data-path="images/new_security_report.png" />
</Frame>

<Tip>
  If you received a monthly report email with a download link, clicking it will take you directly to this tab and begin the download automatically.
</Tip>

## Customizing Report Branding

Tenant reports are white-labeled with your organization's branding. You can customize the logo, organization name, contact email, and currency that appear in every generated PDF.

### How to Update Branding

1. Navigate to **Settings → Branding**.
2. Update any of the fields described below. Changes are saved automatically.

<Tip>
  You can also reach the Branding page from the **Report Builder** by clicking **Configure Report → Other → Configure logo and contact email**.
</Tip>

### Branding Options

| Field                        | Description                                                                                                                                                                                                                                                                 |
| ---------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **Organization Name**        | Displayed in report headers and titles.                                                                                                                                                                                                                                     |
| **PDF Export Contact Email** | Shown in generated PDFs so tenants can contact you with questions. Also used as the reply-to address for automated monthly report emails.                                                                                                                                   |
| **Reporting Timezone**       | The timezone used for all dates and timestamps in generated PDF reports. Dates and times in reports will be displayed according to this timezone setting.                                                                                                                   |
| **Report Currency**          | The currency symbol used for monetary figures in PDF reports (for example, the "Why M365 protection matters" statistics). Supported values: `$` (default), `£`, `€`, `A$`, `C$`, and `NZ$`. Amounts are adjusted for local purchasing power rather than raw exchange rates. |
| **Navigation Bar Logo**      | Your logo in the Petra app's navigation bar. Used as a fallback in PDFs if no PDF Export Logo is set.                                                                                                                                                                       |
| **PDF Export Logo**          | A dedicated logo for all PDF reports (tenant reports, threat remediation reports). If not set, the Navigation Bar Logo is used instead.                                                                                                                                     |

### Logo Requirements

* **Supported formats**: JPEG, PNG, SVG, WebP
* **Max file size**: 2 MB for the Navigation Bar Logo, 5 MB for the PDF Export Logo
* **Recommended**: Use a high-resolution, square image for the PDF Export Logo so it renders clearly in reports
* **Upload methods**: Click the upload area, drag and drop a file, or paste an image from your clipboard
