Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Rodrigo_Silva
Contributor

Creating Views - Log in and log out events and user analysis - VPN Activities

Hi everyone,

I am not an expert in creating views but I would like to share one that I have created and has helped me a lot in analysis of log in, log out and login failures, which can be a brute force attempt to discover the password of any user.

The functionalities of the four fields are:

Access Result: Identify the number of successful and failed logins.

Top Failed Log In Users: Which users have the most login failures.

Source IP: You can analyze whether successes and failures have the same IP as the source.

Log in and Log Out Events: You cannot use it as a basis to know what time the user is starting and ending the work shift, but you can analyze when he connects and disconnects on the VPN.

I hope I can help in some way on your day, and if you can answer this post with some improvements that you managed to implement I will be grateful.

Good luck.

 

PS: Don't forget to change the extension to .cpr to be able to import into Views.

0 Kudos
0 Replies