The Login attempts query is used to export login attempts over a time period. Showing IP address, user name, the authenticated device used, and if the login was successful.
You can download the attempted logins using the default 'Security Audit' report, which also uses the Users query and Sessions query.
Contents
Filters
Filter |
Description |
Mandatory |
---|---|---|
Start date / Before date |
Filters to show login attempts that were from the start to the end date in UTC. |
YES |
Data provider settings
There are no data provider settings for this query.
Columns
Name |
Description |
Example |
---|---|---|
Attempted datetime (UTC) |
Date and time for the login attempt in UTC. If there are multiple login attempts, this will be the most recent attempt. |
23-Jan-21 14:35 |
Attempted UserName |
User name of the user that logged in. See 'User name' field in Users (Administration). |
Support |
Attempted user remarks |
Remarks for the user, see ‘Remarks' field in Users (Administration). |
External user |
Authenticated by DeviceAuthorizationID |
The device authentication’s unique ID in GUID format used for access. See Device authorizations (Administration). ID will show only if the user has logged in with a device that has been authenticated. |
40e3e31e-9668-4b18-9c6f-380e7fb7b88b |
Authenticated by IPWhiteListEntryID |
The IP whitelist’s unique ID in GUID format used for granting access. See IP whitelist (Administration). ID will show only if the user has logged in with an IP address that has been whitelisted. |
f9e77cf8-93e4-405e-9501-0eab460e169c |
Client headers |
The user’s client browser information. This information is useful for showing browser used for access and debugging any login issues. |
Cache-Control=max-age%3d0&Content-Length=2036&Content-Type=application |
Client IP address |
The user’s IP address used to access FBO One. See IP whitelist (Administration) for granting access. |
111.11.1.11 |
LoginAttemptCount |
The number of login attempts until the login was successful for the user. |
1 |
LoginAttemptID |
Login attempt’s unique ID in GUID format. |
be58317b-cce8-4fb3-9eae-c109b716002c |
QRCode |
Allows generating a QR code using data from other columns, see How to add a QR code to a report. Example shown:
|
|
UserID |
User’s unique ID in GUID format. |
987035e0-6ce9-4321-a9c4-959717cdde28 |
Was successful |
Indicates if the user’s login attempt was successful. |
TRUE |
Webserver Computername |
The FBO One server used for the user’s login session. |
AWSUTW2 |
Comments
0 comments
Please sign in to leave a comment.