Products: Duo Security - Multi-Factor Authentication (MFA)
Rule ID | Rule Name |
---|---|
THRESHOLD-S00096 | Brute Force Attempt |
FIRST-S00029 | First Seen Successful Authentication From Unexpected Country |
THRESHOLD-S00097 | Impossible Travel - Successful |
THRESHOLD-S00098 | Impossible Travel - Unsuccessful |
THRESHOLD-S00095 | Password Attack |
OUTLIER-S00001 | Spike in Login Failures from a User |
CHAIN-S00008 | Successful Brute Force |
MATCH-S00815 | Threat Intel - Successful Authentication from Threat IP |
Log Mapper ID | Log Mapper Name |
---|---|
addda6e4-9041-11e8-9eb6-529269fb1459 | Duo Authentication via CEF |
640b4eb0-669a-46f4-9229-48c30c50e5ef | Duo Security Admin API - Audit |
0ff9bf08-24c1-4f7f-b2f0-d522b1681035 | Duo Security Admin API - Authentication |
11f44f6a-1313-479c-ba8e-d15b61c0da8c | Duo Security Admin API - Non-User Audit Changes |
79827cc5-ec48-4ca0-bf04-924fc5368c02 | Duo Security Admin API - Targeted User Audit Changes |
71958300-7D31-4909-9448-4DF68E80B706 | Duo Security Authentication API |