The Irregular Sign-Ins system report in the Nova Report Center allows you to see sign-in attempts from users both external and internal to your environment. This includes multiple sign in attempts and locking of accounts.
The table includes information that drills down into the details of the sign-in, including:
- Time and date
- Application used (Internet browser/EWS etc.)
- Error code
- Additional status information – examples include login credential errors or if the log was an expected part of the login flow.
Another section of the report gives you a pie chart on where the sign-ins have occurred by country. This is useful to quickly identify if sign-ins have happened in locations where your organization and its users aren’t affiliated.
The final section gives you information on the main failure types and how often they occured over the previous seven days.
Remember, you can modify these system reports and tweak them to suit your needs. To do this, you will need to clone your report by clicking Edit, then clone. These will then be made private reports and only available to you.