I'm going to argue with qle: You can customize the out-of-the-box Reports in the Reports console.
Say, for example, that you want authentication events for a specific user.
- Run Reports
- Run an Authentication report (I'm using Authentication - Log On/Off/Failure) for something like a ten minute span
- When it completes, click the Select Expert icon (a green funnel)
- When the box pops up, click "New" to add your first filter. You'll be presented with a list of all the fields in the report. For your example, I'd pick the AUTHAUDIT_1.DESTINATIONACCOUNT and add that.
- This'll take you back to the Select Expert box. Pick the operator "Is Equal To" and in the box, type the username you want to search for.
- Your report may go blank if the user you want didn't occur in the last 10 minutes. No sweat! Press F9 and you'll be prompted to change the time range. Run the report.
- TA DA! A report for one user's authentication events. You can hit Export and save it in the Crystal Reports format to keep a version of the report with your filters baked in for future use.
The same sort of logic would apply to any report with user-names in it, though you may have to explore what fields contain what.
See also: [VIDEO] Filtering and Exporting SolarWinds LEM Reports to Quickly Find Events of Interest
You can also use Crystal Reports to customize the OOtB reports: SolarWinds Knowledge Base :: Creating a Custom Report for LEM 5.6 and newer
I also cover something similar for FIM in this YouTube video: Solarwinds Log and Event Manager - Configuring FIM and Analyzing FIM Data - YouTube