As an administrator, you can view reports in the Google Admin console to review Chrome browser activity in your organization.
Turn on browser reporting
-
Sign in to your Google Admin console.
Sign in using your administrator account (does not end in @gmail.com).
-
In the Admin console, go to Menu
Devices
Chrome
If you signed up for Chrome Enterprise Core, go to Menu
Chrome browser
- Select your top-level organizational unit, so that all child organizations will inherit the policy.
- Go to Browser reporting.
- Click Managed browser reporting.
- Select Enable managed browser cloud reporting.
- Click Save.
- Restart Chrome browser on users' devices so that it picks up the new policy.
You should then get a report within a minute of Chrome browser restarting. Once a report gets sent, the rest of the fields in the Browser List page will be populated, as well as the Details page. As new reports come in, these fields update accordingly. Currently, report frequency is set to once every 24 hours. If needed, use the Frequency of browser status reporting in hours setting to change the number of hours between successive reports. Enter a value between 3 and 24 hours.
Turn on browser event reporting
-
Sign in to your Google Admin console.
Sign in using your administrator account (does not end in @gmail.com).
-
In the Admin console, go to Menu
If you signed up for Chrome Enterprise Core, go to Menu
-
To apply the setting to all users and enrolled browsers, leave the top organizational unit selected. Otherwise, select a child organizational unit.
- Go to Browser reporting.
- Click Event reporting.
- Select Enable event reporting.
- (Optional) Configure additional settings. Choose the reported event types that you need, based on what type of content you want to send for analysis. For details, see Chrome audit log.
- Default event types—Select All types to allow Chrome browser to report all of the default event types. Or, select Customized and then select the specific event types that you need. Default Chrome threat and data protection events include malware transfer, password reuse, and unsafe site visits.
- Optional event types—If needed, check the Login and Password Breach boxes, and enter URL patterns.
-
Click Save. Or, you might click Override for an organizational unit.
To later restore the inherited value, click Inherit.
What gets uploaded from users' devices
Admin activity
You can use the Admin audit log to see a record of actions performed in your Admin console.
For details about what administrator activity data you can view, go to Admin audit log.
Browser policies
| Type | Example value | Remarks |
| Policy name | BookmarkBarEnabled | |
| Policy source/scope | Cloud Machine Policy | |
| Policy value | false | |
| Policy error | Deprecated | Any issue with a policy is displayed here. |
Browsers & profiles
| Type | Example value | Notes |
| Chrome browser version | 69.0.3497.23 | |
| Chrome browser channel | Beta | |
| Chrome browser path | C:\Program Files (x86)\Google\Chrome Beta\Application | |
| Profile name | Person 1 | |
| Profile path | \Default | |
| Profile signed in user email | [email protected] | Available only if there’s a signed user in that profile. |
| Profile signed in user ID | [ID number] | An obfuscated ID unique to that user. Available only if there's a signed-in user in that profile. |
Extension policies
| Type | Example value | Remarks |
| Extension ID | aapocclcgogkmnckokdopfmhonfmgoek | Uniquely identifies the extension to which the policies apply. |
| Policy name | BookmarkBarEnabled | |
| Policy source/scope | Cloud Machine Policy | |
| Policy value | false | |
| Policy error | Deprecated | Any issue with a policy is displayed here. |
Extensions & plugins
| Type | Example value | Notes |
| Extension ID | aapocclcgogkmnckokdopfmhonfmgoek | |
| Extension version | 0.10 | |
| Extension name | Slides | |
| Extension description | User-agent switcher for Chrome is an extension for Google Chrome | |
| Extension type | extension | |
| Extension homepage URL | https://spoofer-extension.appspot.com/about | |
| Extension icon | ||
| Extension install type | Normal | Whether the extension was force-installed by the administrator, or installed by the user. |
| Extension enabled status | Enabled | |
| Extension host permissions | “webRequest”, “cookies” | Learn more about host permissions. |
| Extension permissions | “tabs”, “devtools” | Learn more about Chrome extension permissions. |
| Plugin name | Chrome PDF Plugin | |
| Plugin version | 2.0 | |
| Plugin description | Portable Document Format | |
| Plugin file name | internal-pdf-viewer |
Machine information
| Type | Example value | Notes |
| BIOS serial number | [alphanumeric string] | |
| Device management token (DM token) | [alphanumeric string] | Generated during enrollment to uniquely identify the device. |
| Machine name | DESKTOP1 | The name of the machine. |
| OS user | CORP\User1 | The user's name as reported by the OS. |
| OS version | Windows 10.0.17134.165 | The version of the OS the browser is running on. |
| OS arch | x86_64 | The architecture of the device the browser is running on. |
| Machine Id | [ID number] | This value is platform specific. |
After setup
- Set up Chrome browser user-level management
- See all Cloud-managed Chrome browser topics
- See detailed information in the Chrome Enterprise Core whitepaper