Adaptive Access event details

Edit online

The adaptive access event details and actions that are used in an activity report and transaction.

The following table lists a sample of the adaptive access activity events and the details that they provide.

Table 1. Adaptive Access attribute details
Invocation Identity Source Event details Event actions Adaptive details
Timestamp
  • User name
  • Realm
  • Client IP
  • Device details
  • Location
  • Event type
  • Application name
  • Policy name
  • Re-evaluation
  • Rule name
  • Risk level
  • Policy action
  • Reason
  • Actions
  • Escalate incident to Resilient.
  • Add threat intelligence to Resilient.
  • Show session data.
  • Download session data.
  • Behavioral anomaly
  • City
  • Country
  • Device status
  • Internet service provider
  • Last MFA on device
  • Network location (IP)
  • New device
  • New geolocation
  • Risky device
  • Risky connection
  • Risk level
Note:

The Resilient links to "Escalate incident" and "Add threat intelligence" are visible only after you complete the steps for Integrating Resilient.

Key details from the Adaptive Access event are populated in the Resilient incident.

Note: Download session data provides the JSON file that contains details about the Adaptive Access transaction. By using this .json file data, IBM Support can analyze the log files to troubleshoot problems.