This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

RSA enVision® Discussions

Browse the RSA enVision discussion board to get product help and collaborate with other users of RSA enVision.
RSAAdmin
Beginner
Beginner
‎2011-12-09 10:25 AM

Help required on two reports

Hi Guys, Can anyone help/guide me in creating the below two reports which are required for regular monitoring pusposes in our SOC. have struggled a log but could not achieve it as well. Even the alerts would be helpful. a) Simultaneous Logons – Same IDs logged on from multiple IP's. b) For the "U" failed logons multiple times (T) , successful logon attempts by the same users as well on the server "Y". (U= user) (T= number of time failed login detected) , (Y = hostname/servername) Thanks in advance Shakti P. Sharma
0 Likes
Reply
1 Reply
SandraCarielli
Beginner
Beginner
‎2011-12-12 09:27 AM

The blog has a series of articles that guides you through creating an alert when the same user attempts to log in from multiple IPs in a four hour period. The first article is: [[page no longer exists]]
0 Likes
Reply
© 2020 RSA Security LLC or its affiliates.
All rights reserved.