This document provides information about the Accesses from unusual origin report screen, which displays data on user sessions initiated from source IPs different from those usually associated with the user.
Path to access
-
On Segura®, in the navigation bar, hover over the Products menu and select User Behavior.
-
In the side menu, select Behavior analysis > Session events > Accesses from unusual origin.
Actions menu
| Item | Type | Description |
|---|---|---|
| Actions | Dropdown menu | Displays the options Print report, Export CSV, and Schedule report. |
Search fields
| Item | Type | Description |
|---|---|---|
| Origin | Text field | Filters sessions by the IP address of the user who made the access. |
| User | Text field | Filters sessions by the Segura® username who made the access. |
| Sessions interval | Text field | Filters by the number of sessions to be investigated. Use this field to enter the starting number of the range you wish to filter. |
| until | Text field | Filters by the number of sessions to be investigated. Use this field to enter the ending number of the range you wish to filter. |
| Risk range | Text field | Filters by the session score range. Use this field to enter the starting number of the range you wish to filter. |
| until | Text field | Filters by the session score range. Use this field to enter the ending number of the range you wish to filter. |
Report fields
- Target.
- Credential.
- Protocol.
- Access.
- Actions:
- Unusual accesses: represented by the magnifying glass icon, it opens the Unusual accesses.
Info
By default, the report displays 30 records per screen. To go to the next screen, click the forward buttons at the end of the report.