Reporting and evidence

The Reporting and evidence section explains how to review, share, and export data from Kaseya MDR to support investigations, reviews, and audit‑related conversations. Rather than introducing new detection or response capabilities, this section focuses on how existing reports and investigation results are used to summarize activity, establish timelines, and provide supporting evidence.

The articles in this section describe how reporting fits into the MDR investigation lifecycle, how report data should be interpreted, and how exports can be used for communication with stakeholders such as customers, auditors, or internal review teams. Reporting in Kaseya MDR is designed to reflect observed activity, investigation outcomes, and configuration state within the MDR platform.

Use this section to understand:

How the Reports module is structured and when to use different report types
How to review report data and dashboards for trends and context
How to use reports and investigations to reconstruct incident timelines
How to export report and investigation data for offline review or sharing

Where report‑specific prerequisites or interpretation guidance apply

Articles in this section

This section includes the following articles:

Reports overview: Explains the purpose and scope of reporting in Kaseya MDR, including what reports are used for and what they do not do. This article sets expectations for reporting as a review and documentation capability, not a detection or response mechanism.
Using the Reports module: Describes how to navigate and use the Reports module, including dashboards, report categories, scheduled reports, and report branding settings. This article focuses on reporting mechanics and UI behavior, not on interpreting specific report results.
Mailbox Forwarding Rule Report: Explains prerequisites, permissions, and expected behavior for the Mailbox Forwarding Rule Report. Use this article when the report is unavailable, returns no data, or requires clarification about what the results represent.
Understanding the MFA Report: Explains how MFA report data is sourced and why results may differ from Microsoft admin views. This article clarifies account inclusion and exclusion rules and helps interpret MFA report output correctly.

How to use this section

Use Reporting and evidence:

After investigations, when you need to summarize or explain what occurred
When preparing information for audits, reviews, or customer communication
When exporting report or investigation data for offline analysis or retention
When validating report output or understanding report‑specific limitations

If you are still triaging alerts or performing investigations, start with Using Kaseya MDR. If you need to adjust detection behavior, access, or integrations, refer to Administration, access, and governance or Detection, IOCs, and Respond rules.

	Need help? Submit a Kaseya Helpdesk request.
	Want to talk about it? Head over to Kaseya Community.
	Have a new feature idea? Visit the Kaseya Ideas portal.
	Provide feedback for the Documentation team.