Reviewing SMA 100 logs for anomalous authentication attempts

Description

The logs show the source IP address, method of authentication and authentication result.

Resolution

  1. Navigate to Log | View.

    • Time :Shows the time of event.
    • Category :Authentication (this will show authentication events on the SMA).
    • Source:The source IP address from where the authentication attempt was initiated.
    • Destination:The destination IP address
    • User:User account used for authentication
    • Message:User authentication result (Successful/Failed)

  2. Clicking on the drop down arrow,will show more details regarding the event i.e User,Portal,Agent,Domain. Portal and Domain information is not available for unsuccessful attempts.
    Image



Related Articles

  • How to Provision SMA1000 in Monthly Billing (MSSP Program)
    Read More
  • SMA 1000 Series Support Matrix
    Read More
  • How to Configure SAML 2.0 SSO with Microsoft Entra ID for SonicWall SMA 1000 Series
    Read More

Categories

Secure Mobile Access
SMA 100 Series
Logging
not finding your answers?
Ask the Community
Chat