In our environment on the investigation page we are getting:
1) Anonymous logon (refer attachment 01)
2) Logon attempted using external credentials (refer attachment 01)
In the second one we saw that account name is comming as RSA logs (please refer attachment 02)
Want to know if this is any system generated process that RSA has to perfrom.
Also if any more infromation about when/how Anonymous logon will come that will be great.