This guide will walk you through the process of investigating IOS and Android login events using the device analyzer tool.
STEP ONE:
Sign into your Cloud Access Monitor instance.
Navigate to the Audit & Control page, and select the Name of your desired Cloud Environment. (Global Views will show all accounts in your domain, while filtered views will show only users for that view)
Search Bar: The Search bar is a great way to quickly find information about a specific device type, model or email. You can change the search parameter by selecting the down arrow.
Filter By Date: Allows you to select a specific time frame for review.
Download CSV Report: Allows you to download platforms summary section details in a CSV file format.
STEP FIVE:
Reviewing summary details and user data.
USER NAME:
The First column in the results summary section is User Name.
Selecting a User name: If you would like more detailed information about a specific accounts device login simply click the name.
- Status: Indicates login outcome.
- Compromised Status: Indicator for compromised activity.
- Release Version: Indicates users device level version.
- Security Patch Level: Indicates security level.
- Password Status: Indicates if password for access is enabled.
- Privilege: Indicates privilege level for device.
- Created On: Indicates when the event occurred.
USER EMAIL:
The User email column in the results summary section simply displays the related account email.
MODEL:
The Model column in the results summary section indicates the device model used for sign-in.
DEVICE TYPE:
The device type column in the results summary section indicates the device type used for sign-in.
STATUS:
The status column in the results summary section provides the outcome of the sign-in event.
FIRST and LAST SYNC:
The first and last sync column in the results summary section sets the First time the device was accounted for on login. While the Last time gets set on most recent device event login.
Comments
0 comments
Article is closed for comments.