Failed Login Events
Overview
Failed login events show authentication attempts that did not successfully access the CRM.
What this feature does
They record failed attempts with context such as attempted user, IP address, country, user agent, and time where available.
Why it is useful
- It helps detect brute force attempts.
- It can reveal mistyped credentials or forgotten passwords.
- It supports security reviews and account protection workflows.
Who should read this?
RISE Admin, Security Officer, Support Manager.
Where to find it
Rise Audit Pro → Auth Log, filtered by failed login events.
How to use it
- Open Auth Log.
- Filter by failed login status.
- Review repeated attempts by IP address or email.
- Check country and device patterns.
- Use Security Dashboard for brute force or suspicious user summaries.
Example workflow
Several failed login attempts appear for the same admin email from different IP addresses. The security officer reviews the pattern and considers password reset or IP blocking.
Screenshot
Screenshot required
Capture from: Rise Audit Pro → Auth Log → Filter Status: Failed
Capture from: Rise Audit Pro → Auth Log → Filter Status: Failed
Common mistakes
- Ignoring repeated failed logins because no account was accessed.
- Treating one failed attempt as an attack without context.
- Not documenting repeated attacks in security notes or reports.
Related articles
- Failed Login Monitoring
- Brute Force Detection
- Security Dashboard Overview
