Jump to content

Intella Connect sign-in logs


Recommended Posts

Where does Intella Connect store logins?

As part of our security review I want to check the logs regularly for failed logins for evidence of possible malicious attempts. I am hoping to be able to attribute that back to a network user. For that, I'll probably have to get logs from IT. Intella Connect is being deployed such that it will be accessible by anyone who authenticates to our corporate network (whether in the office or home).

Only select people will be granted access to Intella Connect via username/password and 2FA. The IP of the server won't be published, so stumbling across it is unlikely. Despite those layers of security (must authenticate to our network with 2FA if not in the office, must know the address of the server, and must log in to Intella Connect with proper credentials and 2FA), I also want to monitor failed attempts and if appropriate attribute that to a user for an investigation into a possible unauthorized attempt to access a resource.

Thanks.

Link to comment
Share on other sites

Hi Jacques, Connect has built-in auditing of activity that occurs in the case. To see this you need to have the case shared and a user needs to be logged in to the case. Then click on the Activity tab. Select your case from the dropdown. If you want to just see log in activity, select that option only from the Event types list. E.g.

image.png

 

Link to comment
Share on other sites

Thanks Jon,

That's good to know. But where do I get the logs for the main login page where your cases are listed?  And if I want to do a security audit of logins and attempted logins, is there an aggregated log? Or do I have to check each individual log via the GUI?

If not available, it would be especially helpful in a future release to have a way to see all logins (and attempts) across all cases, as well as the main page with the list of cases. And being able to set alerts/notifications of logins or failed logins would be helpful from a audit/security perspective. Either the functionality within Intella Connect, or in absence of that (or in addition to), a way to query the logs via an API using PowerShell to incorporate checking Intella Connect logs in a custom script that audits various logs on a server.

Also, where do I find the web server logs in case I need to review those as part of a security audit?

Thanks,

Jacques

  • Like 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...