Lets Talk

Session Timeline

Estimated reading: 1 minute 3 views

Overview

Session Timeline shows a user’s activity sequence over a selected time or session-related period.

What this feature does

It helps reconstruct what a user did before and after a login or suspicious action.

Why it is useful

  • It supports account compromise investigations.
  • It helps understand event order.
  • It connects authentication, views, and changes in a readable sequence.

Who should read this?

RISE Admin, Security Officer, Support Engineer.

Where to find it

Rise Audit Pro → Session Timeline.

How to use it

  1. Open Session Timeline.
  2. Select the user and date if required.
  3. Load the timeline.
  4. Review logins, views, and activity events in order.
  5. Open related logs for detailed evidence.

Example workflow

After a suspicious login, the security officer loads the user’s session timeline to see which records were viewed or changed.

Screenshot

Screenshot required
Capture from: Rise Audit Pro → Session Timeline

Common mistakes

  • Reviewing isolated events without timeline context.
  • Assuming a timeline includes unsupported third-party events.
  • Not preserving exports or notes for serious investigations.

Related articles

  • Investigating Suspicious Login Activity
  • User Risk Scores
  • Auth Log Overview
Share this Doc

Session Timeline

Or copy link

CONTENTS
Shopping Basket