Security Log

Logs the security events that occurred in your domain

Overview

Security events like a change of access location, unauthorized attempt to access a resource by a user and the automatic action taken by the system are listed in the security log. The security log displays a detailed list of security events with the name of the user, the date & time, the platform and IP address from which the security event was triggered.

By default, the security log displays all details in an ascending order starting from the most recent security event for your domain.

Admin Portal > Home > Logs > Security Log
  1. Search Filters: Filters for searching the records in the security log on your domain.

  2. Export CSV and Export PDF: Click the Export CSV or Export PDF button to export the security log to a .csv or .pdf file.

  3. Name: Name of the user who triggered the security event on your MangoApps domain.

  4. IP Address: IP address of the system the post or update was posted from.

  5. Platform: The platform from which the security event was triggered. MangoApps tracks security events across web browsers, iOS & Android mobile applications, Windows, and Mac applications.

  6. Event: Description of the security event.

  7. Time of Event: Date and time when the security event occurred.

  8. Action Taken: The action taken by the system for occurred security event.

  9. Time of Action: Date and time for the action taken by the system for the occurred security event.

  10. Email Notification: Email IDs that were notified for the security event.

Security events are notified via email to all network admins immediately when they occur.

Security event email to the network admin for unauthorized attempt to access the Admin Portal

List of Possible Security Events

The events that are logged in the security log are as follows:

  • When a user accesses their account from a different geographic location than their last known location.

  • When a user tries to access flagged content.

  • When multiple incorrect number of password attempts occur by a user.

  • When an unauthorized attempt is made to access a resource/page by a user, for example - When a user tries to access a resource from an unlisted project/group they are not a member of.

  • When an unauthorized attempt is made to access an invalid URL by a user.

  • When an unauthorized attempt is made to access admin portal by a user.

  • When an unauthorized attempt is made to access your MangoApps domain from an IP address that is outside the configured IP range (Admin Portal > Security > Browser Access > Basic Configuration) by a user.

Searching the Security Log

You can search specific security log entries in the domain using a user name, email ID/login ID. You can filter the search for security events triggered from various platforms using the Platform drop-down. You can also search security log for entries between a specific period with the Event Occurred Between filter. To search a log entry:

  1. Type a user name in the User Name search box to search for a specific user's security event records. This is an optional step.

  2. Type a user's email ID/login ID in the Email ID/Login ID text box to search for a specific user's security event records using his email/login ID. This is an optional step.

  3. In the Platform drop-down list, click the search filter for the logs. For example, click Web to filter the security events triggered from web browsers.

  4. In the Event Occurred Between date picker, select the period to filter the content within the specified dates.

  5. Click the Search button to search the security logs with the specified filters.

  6. To export the filtered search results to a .csv or .pdf file, click the Export CSV or Export PDF button. This is an optional step.

Searching the security log using the search filter

Exporting the Security Log

You can export and download up to 1000 entries from the security log as a .csv or .pdf file. To download the security log as a .csv or .pdf file:

  1. Go to Admin Portal > Home > Logs > Security Log.

  2. Navigate to the bottom of the page, click the Items per page drop-down and select 1000 to display 1000 items in the security log. By default, the security log displays only 50 recent entries. You can choose to export 20, 50, 100, 200, 500 and 1000 entries from the Security Log for a selected period.

  3. Click the Export CSV or Export PDF button to download the security log as a .csv or .pdf file on your machine.

Maximum 1000 records can be exported for a selected period to a .csv or .pdf file.

Exporting the security log to a .csv or .pdf file does NOT trigger any notifications or email.

MangoApps retains security logs from the date of domain creation. The system never deletes security logs. These logs are accessible anytime to the network admin.

FAQs

When does the security log register a login?

The security log registers a login only when there is a attempt to login by a user who is not authorized

Can I choose which security event triggers an email notification to the network admin?

Yes, you can choose to trigger email notifications to the network admin (Admin Portal > Notifications > Security Notifications) for the following security breach events:

  • When a user accesses their account from a different geographic location than their last known location

  • When incorrect number of password attempts by a user (Admin Portal > Security > Password Settings > Failed Authentication Attempt Policy)

  • When an unauthorized attempt is made to access a resource/page by a user, for example - When a user tries to access a resource from an unlisted project/group they are not a member of.

  • When an unauthorized attempt is made to access an invalid URL by a user

  • When an unauthorized attempt to access admin portal is made by a user

  • When an unauthorized attempt is made to access your MangoApps domain from an IP address that is outside the configured IP range (Admin Portal > Security > Browser Access > Basic Configuration) by a user

Security Notifications Settings
Security event email to the network admin for incorrect password attempts

If a user is suspended after incorrect number of password attempts and tries to log in again, a log entry is not registered for the login attempt.

Did this article help? Your feedback adds value when we shape up the help articles. Hit the smileybelow to let us know!