Set up Chrome Enterprise Core

3. Turn on Chrome browser and profile reporting

As an administrator, you can view reports in the Google Admin console to review managed Chrome browser and profile information in your organization.

Turn on managed browser reporting

Turn on managed browser reporting to get a detailed view of Chrome browsers and extensions used in your organization. For details, go to View Chrome browser details.

  1. Sign in with an administrator account to the Google Admin console.

    If you aren’t using an administrator account, you can’t access the Admin console.

  2. Go to Menu and then Devices > Chrome > Settings. The User & browser settings page opens by default.

    Requires having the Mobile Device Management administrator privilege.

    If you signed up for Chrome Enterprise Core, go to Menu and then Chrome browser > Settings.

  3. Select your top-level organizational unit, so that all child organizations will inherit the policy.
  4. Go to Browser reporting.
  5. Click Managed browser reporting.
  6. Select Enable managed browser cloud reporting.
  7. Click Save.
  8. Restart Chrome browser on users' devices so that it picks up the new policy.

You should then get a report within a minute of Chrome browser restarting. Once a report gets sent, the rest of the fields in the Browser List page will be populated, as well as the Details page. As new reports come in, these fields update accordingly. Currently, report frequency is set to once every 24 hours. If needed, use the Frequency of browser status reporting in hours setting to change the number of hours between successive reports. Enter a value between 3 and 24 hours.

Turn on managed profile reporting

Turn on managed profile reporting to view profile-level information, browser-level information, and limited device information. For details, go to View Chrome browser profile details.

  1. Sign in with an administrator account to the Google Admin console.

    If you aren’t using an administrator account, you can’t access the Admin console.

  2. Go to Menu and then Devices > Chrome > Settings. The User & browser settings page opens by default.

    Requires having the Mobile Device Management administrator privilege.

    If you signed up for Chrome Enterprise Core, go to Menu and then Chrome browser > Settings.

  3. Select your top-level organizational unit, so that all child organizations will inherit the policy.
  4. Go to Browser reporting.
  5. Click Managed profile reporting.
  6. Select Enable managed profile reporting for managed users.
  7. Click Save.

You should then get a report within a minute of Chrome browser restarting. Once a report gets sent, the rest of the fields in the Profile List page will be populated, as well as the Details page. As new reports come in, these fields update accordingly. Currently, report frequency is set to once every 24 hours. If needed, use the Frequency of browser status reporting in hours setting to change the number of hours between successive reports. Enter a value between 3 and 24 hours.

Turn on browser event reporting

Turn on browser event reporting to report browser events such as password reuse, malware downloads, extension installs, and make these available in the Admin Console.

  1. Sign in with an administrator account to the Google Admin console.

    If you aren’t using an administrator account, you can’t access the Admin console.

  2. Go to Menu and then Devices > Chrome > Settings. The User & browser settings page opens by default.

    Requires having the Mobile Device Management administrator privilege.

    If you signed up for Chrome Enterprise Core, go to Menu and then Chrome browser > Settings.

  3. To apply the setting to all users and enrolled browsers, leave the top organizational unit selected. Otherwise, select a child organizational unit.
  4. Go to Browser reporting.
  5. Click Event reporting.
  6. Select Enable event reporting.
  7. (Optional) Configure additional settings. Choose the reported event types that you need, based on what type of content you want to send for analysis. For details, see Chrome audit log.
    • Default event types—Select All types to allow Chrome browser to report all of the default event types. Or, select Customized and then select the specific event types that you need. Default Chrome threat and data protection events include malware transfer, password reuse, and unsafe site visits.
    • Optional event types—If needed, check the Login and Password Breach boxes, and enter URL patterns.
  8. Click Save. Or, you might click Override for an organizational unit.

    To later restore the inherited value, click Inherit.

What gets uploaded from users' devices

Applies to managed browser reporting

Browser policies

Type Example value Remarks
Policy name BookmarkBarEnabled
Policy source/scope Cloud Machine Policy
Policy value false
Policy error Deprecated Any issue with a policy is displayed here.

Browsers & profiles

Type Example value Notes
Chrome browser version 69.0.3497.23
Chrome browser channel Beta
Chrome browser path C:\Program Files (x86)\Google\Chrome Beta\Application
Profile name Person 1
Profile path \Default
Profile signed in user email person@example.com Available only if there’s a signed user in that profile.
Profile signed in user ID [ID number] An obfuscated ID unique to that user. Available only if there's a signed-in user in that profile.

Extension policies

Type Example value Remarks
Extension ID aapocclcgogkmnckokdopfmhonfmgoek Uniquely identifies the extension to which the policies apply.
Policy name BookmarkBarEnabled
Policy source/scope Cloud Machine Policy
Policy value false
Policy error Deprecated Any issue with a policy is displayed here.

Extensions & plugins

Type Example value Notes
Extension ID aapocclcgogkmnckokdopfmhonfmgoek
Extension version 0.10
Extension name Slides
Extension description User-agent switcher for Chrome is an extension for Google Chrome
Extension type extension
Extension homepage URL https://spoofer-extension.appspot.com/about
Extension icon Google Drive
Extension install type Normal Whether the extension was force-installed by the administrator, or installed by the user.
Extension enabled status Enabled
Extension host permissions "webRequest", "cookies" Learn more about host permissions.
Extension permissions "tabs", "devtools" Learn more about Chrome extension permissions.
Plugin name Chrome PDF Plugin
Plugin version 2.0
Plugin description Portable Document Format
Plugin file name internal-pdf-viewer

Machine information

Type Example value Notes
BIOS serial number [alphanumeric string]
Device management token (DM token) [alphanumeric string] Generated during enrollment to uniquely identify the device.
Machine name DESKTOP1 The name of the machine.
OS user CORP\User1 The user's name as reported by the OS.
OS version Windows 10.0.17134.165 The version of the OS the browser is running on.
OS arch x86_64 The architecture of the device the browser is running on.
Machine Id [ID number] This value is platform specific.

After setup

Was this helpful?

How can we improve it?