The Events screen provides a comprehensive audit trail of identity-based activities across your environment. Events captured here include user and administrator sign-ins, authentication steps, Legacy ZTNA policy enforcement outcomes, and behavior-based triggersβgiving you full visibility into who did what, when, and from where.
This screen is essential for enforcing Zero Trust principles, monitoring anomalies, and investigating incidents across both workforce and administrative actions.
π Insights β Events
Event Types
Events are classified into two core types:
- User Events β Generated by end users accessing systems or applications
- Administrator Events β Triggered by administrative actions on the Timus platform
Each entry in the table includes:
| Column | Description |
|---|---|
| User / Administrator | The account associated with the event |
| Public IP | The source IP address from which the action originated |
| Type | The type of event |
| Authentication | Method and step (e.g., Password, idP) |
| Result | The event outcome |
| Risk Level | Risk rating assigned to the event based on contextual signals |
| Location | Geographic location inferred from the public IP |
| Date | Timestamp of the event |
Event Details
Click the β’β’β’ β View next to any event.
| Field | Description |
|---|---|
| User / Administrator | Identity associated with the event |
| Public IP | Source IP of the connection |
| Origin | Where the event occurred (e.g., Connect app, Manager portal) |
| Risk Level | Final risk score assigned |
| Event Type | Category of activity |
| Policy Name | The access policy that was evaluated (if applicable) |
| Behaviors | Behavior(s) that caused the policy to trigger (if applicable) |
| Authentication | Methods used in the authentication flow |
| Location | Geolocation of the IP |
| Date | Exact timestamp of the event |
If the event includes Untrusted IP behavior, additional IP Intelligence fields are shown:
| Field | Description |
|---|---|
| Proxy | Indicates if a proxy service was used |
| VPN | Flags traffic from known VPN providers |
| TOR | Detects traffic from the TOR network |
| Fraud Score | Third-party fraud risk score |
| Abuse Velocity | Rate of abuse history from this IP |
| Recent Abuse | Whether recent malicious activity was reported |
| Bot Activity | Indicates known bot-related behavior |
π€ Export Event Logs
Click Export to download the current table view as a CSV file.
Applied filters and sorting are reflected in the export.
Updated
Comments
0 comments
Please sign in to leave a comment.