Forum Discussion
What does 'log on' mean in the Cloud App Security portal?
Log on should be successful ones, failed ones are marked differently. For example:
Failed log on (Failure message: Strong Authentication (second factor) is required)
Keep in mind that you might see some internal/datacenter IPs in the list.
Log on should be successful ones, failed ones are marked differently. For example:
Failed log on (Failure message: Strong Authentication (second factor) is required)
Keep in mind that you might see some internal/datacenter IPs in the list.
VasilMichev This is an old comment but this post is the only one I've seen in my research in reference to this log. This log is actually a successful login but the entity in question did not enter the MFA code, so it gets logged as "Failed log on (Failure message: Strong Authentication (second factor) is required".
I tested this with my own sign in by signing in successfully, I received the MFA code but never entered it and was able to reproduce the same exact log.
This log combined with irregular behavior (different IP, country etc) would raise in alarm for me. Just an FYI.