Veza Reports enable organization, monitoring, and action on the most critical insights for security teams and individual Veza operators.
Browse to Access Intelligence > _Reports > All Reports to view all reports. For any query in a report, you can
See the percent change, current result, or trend chart.
View the underlying query details and conditions.
Each query indicates the current result value. Click the % Change to view a trend chart.
Hide zero value results will conceal assessment queries where the value column is 0 (no current results).
To view all results in Query Builder or edit the saved query, click the Query name or value.
To refresh the query from the most recent graph data, click Run Query under the actions dropdown menu. All results automatically refresh daily.
The main Access Intelligence > Reports page allows you to organize and rank reports intended for regular review. Expand a category to view the reports within it, and click a report's name to open it. You can create additional categories, and add or remove built-in or custom reports:
Search for specific reports, labels, or integration types by applying filters.
Click + Add Category to create a grouping and Add or Create reports within it.
Reports added to the Dashboard Reports category are shown on the main dashboard.
Drag an item to arrange the report categories. You can also hide or re-categorize several reports at one time with a multi-selection.
To make reports containing many different queries more digestible, you can temporarily filter the information to show and export.
To show queries by keyword such as "MFA," "Service Account," or "Bucket", start typing into the Find queries by name field at the top of the report.
Changing the Time Range updates the minimum and maximum values to show values for that period.
Clicking a cloud provider icon within a report subcategory will show only queries for that provider (such as Okta or Azure AD).
To only show results for a subset of Azure tenants or AWS accounts, use the Select one or more accounts dropdown. This can be useful for focusing on a specific account of interest among several similar provider integrations.
To export a report to CSV or PDF, click Export and select an option. The data export will include columns for Name, Value, Min_Range, Max_Range, and Time_Range, for the currently-filtered set of queries.
Browse to Access Intelligence > Reports.
Click + Create Report.
Give the report a Name and Description.
Choose a Report Type:
Dynamic: These reports automatically include all queries with the chosen labels and integrations, and will dynamically update when queries receive those tags or integrations. Queries and sections cannot be manually added or removed.
Query Based: Customize report sections and pick from any saved queries. You can add or remove queries and change report sections after creating the report.
Pick a visibility setting. Private reports are only visible to their owners. Setting a report to Public publishes it for other Veza users.
To enable the report as a dashboard, use the Collections dropdown to add the report to the "Dashboard Reports" collection.
Use the Queries tab to construct the report:
For dynamic reports, choose the labels and integrations to include in the report.
For query-based reports, click New Section to add as many sections as you need. Search for queries to add by clicking the Add Queries icon within each section.
To edit a report, open the report from the dashboard or Reports library, and click Edit Report.
You can use edit mode to:
Add or remove queries.
Add or remove or rename sections.
Change the report name or description.
Change a private report to public visibility.
Click Save to close the builder and see the changes.
To add an item to the report, change to Edit mode and click the Add Queries button. Filter or search to find the queries you want to add. Click on one or more, and Save the changes.
To remove a query from a report, click Edit Report.
Click the trash can icon in the query actions to remove that query from the report.
Deleting a query only removes it from the report. You can still add the query to other reports, and find it listed under Saved Queries.
To delete a report, open it and click the trash can icon, or use the Reports Library to manage many reports at one time.
When creating a report, users must set the visibility to public or private (default). Changing a report to public is permanent. The Reports Library shows all built-in and custom reports and privacy settings.
To modify report owners, edit a report and choose Edit Owners.
Only the report owners can view or edit private reports.
Users are the owners of any queries and report they create.
Users with the admin role are the default owners of out-of-the-box queries and reports.
You can review all built-in and user-created reports in the Reports Library, and organize them on the Access Intelligence > Reports overview. You can also customize on the home dashboard by adding, removing, or modifying report and queries.
Reports are collections of , organized into sections based on provider, service, risk, or other criteria. A summary of key reports appears on the primary Veza dashboard.
View results in or .
Create to get alerts when changes occur.
Veza users can create and dashboard sections tailored to specific roles, priorities, and responsibilities. Reports are public to other users or only visible to owners depending on the report's visibility settings.
Administrators can customize the insights shown on the Veza dashboard by editing, removing, or adding reports to the section. Access Risk tiles on the landing page show a summary of results from the Dashboard reports category. Each tile provides a shortcut back to the underlying report for further investigation.
The Report Library shows all reports, and their creation dates, owners, and privacy settings. To create a copy of a report, click Clone. Click a report name to view or its contents.
Click to permanently remove a query. Click Clone to create a copy of the report.
Users with the admin and operator can create reports that include any , grouped in custom sections. To create a report:
Click Create Report to open it in .
Adding or removing queries from a will include or exclude the results of those queries on the home page dashboard.
Schedule secure CSV exports of query results delivered to an email recipient.
Veza users can now schedule a periodic export (daily, weekly, etc.) of query results delivered via a secure link in email. When configured, recipients receive a secure link in email which they can download only if they have permission to view the query’s results in Veza.
When clicking a link to download a scheduled export, users are redirected to the Veza login page for Single Sign On (SSO), and the results are downloaded in CSV format. This enables Veza users to share sensitive query results data with other stakeholders while ensuring query data from Veza is protected.
Download links expire after 28 days from the export date. This is a security measure to protect customer data. Expired links cannot be reactivated. If you need to keep the links active beyond 28 days, please contact the Veza support team.
Recipients must have appropriate Veza permissions to download the data. Users must have one of these roles: Admin, Operator, or Viewer. User permissions are checked at download time, and users without sufficient permissions will be unable to download the results.
Users must have one of these Veza roles:
Admin
Operator
Viewer
For users with other roles (e.g., Reviewer):
Assign them the Viewer role in addition to their current role
This grants them access to view and download query results
Note: This also gives them access to other queries and dashboards
Contact Veza Support if you need more granular permissions
How scheduled exports work:
Click on “Schedule Export” on the kebab menu on a query’s details page or query builder page:
Select the CSV Via Secure Link in Email option in the next window:
Configure the schedule and recipient email address
At the scheduled intervals, recipients will receive an email containing basic usage instructions and:
A secure link to download the query results
The query name and execution timestamp
From the Query Details view (Query Actions > Schedule Export)
Choose a query on the Separation of Duties overview and choose Schedule Export from the row actions.
To configure the exports from the Save Query page:
On the Scheduled Exports tab, click CSV via Secure Link in Email
Choose a single email recipient
Choose an export time (UTC)
Choose the days of the week for the export to run
(Optional) Configure additional settings for the export:
Include all source tags in results: Add a column for Veza Tags or provider-native tags on source entities.
Include all destination tags in results: Add a column for tags on destination entities.
Show {Destination Entity} properties: Add columns for attributes on the destination entity type.
Show Summary Entities: Add a column for a summary of entities between the source and destination nodes (if specified in the original query).
Use the Queries > Exports tab page to review all queries that have been exported or are scheduled for export. The status column indicates whether the results were exported successfully. Use the actions menu to:
Edit scheduling settings
Rerun an export
Cancel an in-progress export
For more information about Veza teams and roles, see . For technical support or to request modifications to the link expiration period, please contact your Veza support representative.
You can enable scheduled exports when . To schedule exports for a saved query:
Click on a tile to open the query details, or find the query on the Access Visibility > Queries page.
How to understand and customize insights on the Veza Dashboard.
Dashboards in Veza offer visibility into your organization's authorization landscape across cloud providers, identity systems, and data stores. Combining pre-built intelligence with customizable insights, dashboards enable teams to identify risks, track access patterns, and enforce least privilege principles.
The primary Dashboards page provides a central hub for monitoring and analyzing authorization insights. Each dashboard features curated tiles to surface critical findings driven by Veza's graph search. Each tile includes options to review trends, analyze results, and create rules.
Veza provides built-in dashboards for a range of identity security use cases, including reports for dormant entities, non-human identities, privileged access by roles, and many more. The main Access Analytics Summary highlights top risks, rules, and recent alerts for your integrations. Teams can edit saved queries and reports to customize and extend these featured dashboards.
Each dashboard tile represents a single insight, supporting trend visualization, historical comparison, drill-down, and integration with Query Builder and Graph.
Risk level (low, medium, high, or critical)
Current value and trend indicator
Change over the chosen time period (percentage and total value)
Historical trend graph for the time period
Click the menu (⋮) on any tile to access quick actions:
Expand: View and export detailed trend data and analysis
Analyze: Visualize the underlying data for the saved query
Share This Tile: Copy a link to share findings with team members
Open in Query Builder: View and customize the underlying query
Open in Graph: Visualize relationships in Authorization Graph
Alert on Change: Configure notifications for changes
Create Rule: Set thresholds for critical changes and configure appropriate notification channels and Veza Actions
Schedule Export: Automate data exports and reporting
Use the left panel to access and manage dashboards, and customize their order for quick access to the most relevant insights.
Click to open built-in dashboards organized by category
Search for specific dashboards using the search bar
Add, hide, or reorder dashboards using the edit mode
Use the time range controls to analyze trends across different periods:
Past Hour
Past Day
Past 7 Days
Past 30 Days
Past 90 Days
Past 6 Months
Past Year
For 6 months and 1-year views, charts represent weekly values instead of daily values. The value shown is for the last day of a week. For example, the week of
11/19-11/25appears on the X-axis as11/19, and the value is the query result on11/25.
To toggle the insights displayed, use the visibility options:
Integration Filtering: Focus on specific platforms or accounts
Risk Level Filtering: Prioritize insights by criticality
Zero Result Hiding: Remove tiles with no findings
Access dashboard-level controls in the top right:
Share: Generate shareable dashboard links
Export: Download dashboard data
Edit: Customize dashboard content and layout
Clone: Create a copy for customization
Delete: Remove dashboard
Veza offers out-of-the-box dashboards for monitoring critical access patterns, tracking changes over time, and generating and sharing insights. Built-in dashboards are available to help manage:
Identity and Privilege Access Insights
Dormant Entities
Snowflake Activity Monitoring
Salesforce Misconfigurations
GitHub Misconfigurations
Cloud IAM Insights
Snowflake Insights
Databricks Insights
Redshift Insights
BigQuery Insights
Data Insights
Top Insights
Privileged Account Dashboard
Privileged Access by Deactivated Accounts
Accounts that can Bypass MFA
Privileged Access by Accounts
Privileged Access by Roles
Privileged Access by External Accounts
Privileged Access by Machine Identities and Service Accounts
Snowflake Data Governance Dashboard
Salesforce Security Dashboard
Google Drive
SaaS Security Posture Management (SSPM)
NHI Insights
AWS IAM Insights
Google Cloud IAM Insights
Okta Insights
Active Directory and Azure AD Insights
Identity Protection Risks
NHI Access Tracker
Snowflake Role Mining Insights
AWS Role Mining Insights
Based on the data sources integrated with Veza, you can use dashboards to immediately start identifying top risks, and analyzing and acting on the most important findings.
Review and customize dashboard insights for key systems (AWS IAM, Snowflake, etc.). During this phase, work with stakeholders to:
You can then expand usage to include:
You can create reports containing both built-in and custom saved queries. You can then add these reports to your dashboard to focus on the data points most important to you. You can then share these reports with your team to provide fine-tuned visibility into the risks and trends.
Open the saved query details view or edit in Query Builder
Open the Add To Report (Optional) tab
A dashboard tile is based on a , and indicates the:
Click a tile to open the view. You can use the query details view to manage exceptions or create rules, visualize trends over time, and access the original query description and parameters.
Focus on establishing your core access graph with 3-5 critical . This initial phase can deliver immediate value by providing visibility into key systems while additional integrations are added to Veza.
Set appropriate
Configure
for specific use cases
User/group/role comparison and
Advanced access pattern detection with and
Custom and dashboards
implementation (if applicable)
To add queries to reports when :
Administrators can customize the available dashboards by adding and removing reports from the .
