If you're having trouble at any stage please contact us at support@skyformation.com.
Preface
OneLogin is an identity provider as a service (aka IDaaS), to manage the organization’s identities and manage the authentication in a central and secure way across multiple applications (SSO).
OneLogin Audit Sources & Events Supported
| Audit Source (API) | Service/Module Covered | Event Types | Events included |
|---|---|---|---|
| Events | Authentication | login to onelogin failed/succeeded, user authentication via API failed/succeeded, user failed remote authentication, Mac login success/failed, user logged-out from onelogin, user logged-out from app, user authenticated by RADIUS, social sign-in, user failed login via assertion proxy etc | Represents authentication related events to onelogin app or its protected apps |
| Active Directory | ad connector started, stopped, configuration reloaded etc | Represents events relate to the ActiveDirectory connector | |
| Directory Connector & VLDAP | directory connector enabled/disabled, directory export started/finished, VLDAP bind failed, VLDAP enabled/disabled/updated etc | Represents events relate to the directory connector | |
| Directory Management | directory added/deleted/modified, directory group updated etc | Represents events relate to directory management | |
| Integrated Application | integrated app added/removed/updated etc | Represents events relate to the integrated applications | |
| Directory Users Management | user deleted/created in directory, user invited, user locked, user suspended/reactivated in directory, user field added/removed, self-registration requested for user, user unlocked in directory etc | Represents events relate to users management in onelogin directories | |
| App Users Management | user deleted/created in app, user suspended/reactivated in app, user linked in app, user updated in app etc | Represents events relate to users management in onelogin apps | |
| Roles Management | added role to user, role management granted/revoked, role removed from a user etc | Represents events relate to security settings changes | |
| Security Settings | trusted idp removed, certification expiration notice, certification created, RADIUS config updated, desktop SSO enabled/disabled, VPN enabled/disabled, | ||
| SAML | SAML assertion consumer service failed | ||
| Passwords | set password with salt, set password with clear text, failed to set password with salt etc | Reprisents event related to password changes and management |
Comments
0 comments
Please sign in to leave a comment.