User Login Logs - Audit & Security Monitoring
Overview
The User Login Logs page provides comprehensive audit trails and security monitoring for user authentication activities within the Tycho Data Platform. This feature enables administrators to track login attempts, analyze access patterns, and maintain security compliance through detailed authentication logs.
Purpose & Benefits
Security Monitoring
- Real-time Authentication Tracking: Monitor all user login attempts in real-time
- Threat Detection: Identify suspicious login patterns, failed attempts, and potential security breaches
- Access Pattern Analysis: Understand user behavior and detect anomalies in access patterns
- IP Address Monitoring: Track login locations and identify unauthorized access attempts
Compliance & Audit
- Audit Trail Maintenance: Maintain comprehensive logs for compliance requirements
- Regulatory Reporting: Generate reports for regulatory compliance audits
- Data Governance: Support data governance initiatives with user access tracking
Feature Overview
Data Captured
The system automatically captures the following information for each login attempt:
| Field | Description | Purpose |
|---|---|---|
| User's email address | User identification and account association | |
| Login Timestamp | Date and time of login attempt | Temporal tracking and chronological analysis |
| IP Address | Source IP address of login attempt | Geographic and network-based security monitoring |
| User Agent | Browser/client information | Device and application tracking |
| Success | Login attempt result (Yes/No) | Success rate monitoring and failed attempt detection |
How to Use
Accessing the User Login Logs
- Navigation: From the main dashboard, navigate to Admin → User Login Logs
- Permissions: Requires administrator privileges to access audit logs
- Real-time Updates: The page shows the most recent login activities
Reading the Log Data
Understanding Login Entries
Each row in the log table represents a single authentication attempt:
- Successful Logins: Indicated by "Yes" in the Success column
- Failed Attempts: Shown as "No" in the Success column
- Timestamp Format: Displays in your local timezone for easy reading
- IP Address: Shows the originating IP address of the login attempt