Interpreting the Security Overview dashboard

The Security Overview dashboard shows data related to failed user logins, failed challenge events, and account unlock events. Data includes:

  • Denied Logins and Self Service (Timeline)

    A timeline that shows all failed login events over the last 24 hours or 7 days. The timeline uses a color coded bar chart to indicate the different login options. The timeline includes handles on either end that you can dragged to scope the data to a particular day/hour which will update all other data in the dashboard. The default scope is 7 days.

    MFA Login data represents failed logins that came from an MFA login attempt. See

    RADIUS Login data represents failed logins that came from a RADIUS login attempt. See How to configure Privileged Access Service for RADIUS for information on how Privileged Access Service supports RADIUS.

    Challenge data represents failed authentication attempts to access features configured with additional authentication challenges.

    Account Unlock data represents failed account unlock attempts. See Configure account unlock self-service options for information on account unlock.

  • Denied Logins

    A counter that shows the number of login attempts that were denied by Privileged Access Service.

  • Denied Feature Access

    A counter that shows the number of feature accesses that were denied by Privileged Access Service. This data corresponds to the Challenge data in the "Login and Self Service Types" pie chart.

  • Denied Self Service

    A counter that shows the number of self service events users triggered but denied by Privileged Access Service. See How to configure user self-service options for information on self-service options.

  • Details

    A table that shows all the events triggered by users. Details include:

    • Occurred -- Shows the date and time of the event.
    • User -- Shows the user account associated with the event.
    • Event Result -- Shows the failed event type and an explanation of failed event.
  • Locations

    A map that shows user locations when they logged in to Privileged Access Service and the number of failed logins from each location.

    For privacy reasons, user location data in the Admin Portal is based on the IP address used to access the Privileged Access Service.

  • Login and Self Service Types

    A pie chart showing the failed logins based on login types, additional challenges, and account unlock.

  • MFA Factors

    A pie chart that shows the number of failed logins using the specified authentication mechanisms. See Authentication mechanisms information on the authentication factors.