Auth Log Overview
Overview
The Auth Log records authentication-related events such as successful logins, failed login attempts, logout events, and other access-related activity where supported.
What this feature does
It gives administrators a focused view of who tried to access the CRM, whether access succeeded or failed, and the surrounding context such as IP address, country, browser, device, and timestamp.
Why it is useful
- It helps detect suspicious login behavior.
- It supports investigations when an account may be compromised.
- It separates authentication events from normal record changes.
Who should read this?
RISE Admin, Security Officer, System Owner, Support Manager.
Where to find it
Rise Audit Pro → Auth Log.
How to use it
- Open Rise Audit Pro from the sidebar.
- Open Auth Log.
- Use filters to narrow results by status, user, IP address, country, or date.
- Review failed attempts, successful logins, and suspicious patterns.
- Use Security Dashboard for a broader security summary.
Example workflow
A staff member reports suspicious activity. The admin opens Auth Log, reviews the user’s recent successful and failed login events, then compares IP addresses and country data.
Screenshot
Screenshot required
Capture from: Rise Audit Pro → Auth Log
Capture from: Rise Audit Pro → Auth Log
Common mistakes
- Looking only at successful logins and ignoring failed attempts.
- Treating IP country data as perfect evidence without considering VPNs or mobile networks.
- Giving Auth Log access to users who do not need security information.
Related articles
- Failed Login Events
- Security Dashboard Overview
- IP and Country Lookup
- Investigating Suspicious Login Activity
