User
Lacework generates user-based alerts when there are policy violations related to users. You can define alert rules to trigger alerts when policy violations related to users are found. See Alert Rules.
Alert List
The following table lists all the user-based alerts.
Alert Name | Alert Type | Event Model | Alert Subcategory |
---|---|---|---|
Suspicious user login detected | SuspiciousUserFailedLogin | SystemRule | User |
Detect suspicious user logins | SuspiciousUserLoginMultiGEOs | SystemRule | User |