Perimeters
  • ✨Getting Started
    • Overview
    • Quick Start
      • First Login
      • Connecting things up
        • Prioritize IdP Integration
        • Integrating Response & Automation Applications
        • Following Compliances
      • Extend your Coverage
        • Integrate Additional SaaS Services
        • Integrate Supported Shadow Applications
        • Close Some Issues
      • First Use
    • Making the most of Perimeters
  • 🚪Perimeters Portal
    • Dashboard
      • Use Cases
    • Inventory
      • Applications
      • Users
      • Shadow Applications
    • Rules
      • Use Case Issues
    • Threats
      • Rules
      • Event Activity
    • Compliance
      • Single Framework
    • Settings
      • Domain Management
      • Report
    • Account Settings
  • 🪢Connecting Perimeters
    • General Instructions
    • SaaS Applications
      • Atlassian Guard (Previously Access)
      • Bitbucket
      • BambooHR
      • Cisco Duo
      • Confluence
      • Datadog
      • DocuSign
      • Dropbox
      • EntraID
      • GitHub
      • Gitlab
      • Google Workspace (G Suite)
      • Hubspot
      • Intune
      • Jira Software
      • Microsoft 365
      • Monday
      • MongoDB (Atlas Mongo)
      • Okta
      • Sentry
      • OneLogin
      • OpenAI
      • Salesforce
      • ServiceNow
      • SharePoint
      • Slack
      • Teams
      • Trello
      • Zendesk
      • Zoom
    • Response & Automation
      • custom Email
      • eMail
      • Jira Software
      • Slack
      • Webhook
      • Splunk
      • Zendesk
  • Release Notes
    • June 2024
  • Additional
    • Glossary
    • FAQ
    • Support
Powered by GitBook
On this page
  1. Perimeters Portal
  2. Threats

Event Activity

PreviousRulesNextCompliance

Last updated 3 months ago

Among all that Perimeters continuously processes about your SaaS estate, this section captures events performed in your SaaS estate and presents them in an easy-to-read, spot anomalies and filter sensibly manner.

You get a visual representation of several events that occur per day in a graphical format. This can help you gauge the normal activity for your organization and spot any abnormal highs or lows quickly.

The events are categorized based on resources that were consumed, technologies involved and Actors, time of occurrence, place of occurrence, and severity.

There are 6 prominent filters to gauge the activities:

Event Type:

  • Third-Party Events triggered by external integrations, log-ins with scope grants, or services that interact with the system.

  • User Activity Actions performed by end-users, such as logins, data access, or changes to settings.

  • Administration Management-related events, including system configuration changes, policy updates, and privileged user actions.

Account:

This filter allows the selection of a particular or multiple account/s that performed the activity.

Application:

This filter allows the selection of a particular or multiple application/s where the activity was performed.

Location:

This filter allows the selection of a particular or multiple country/ies where the activity was performed.

Severity:

This filter allows the selection of a particular or multiple severity/ies of activity. The events are classified amongst Info, Low, Medium, High, and Critical severity.

Time Frame:

This allows the selection of time duration in which you wish to view events. This can be from a standard set - Last 24 Hours, Last 7 days, Last 30 Days, Last 90 days or you may specify either specific dates or number of days up till the current date.

Clicking on a specific event opens further details about the event along with Raw Event that was logged. This can be copied by clicking on the notepad symbol on the right-hand side corner of the Raw events tab.

The Event Type, Application, Account, and Location information along with IP Address, User Agent that was used, and Type and Name of Resource on which the event occurred information is provided wherever supported.

🚪