I’m looking to build an analytics report for a Login Audit based on “Failed Authentication Count => 3”. However, when built out and I add the filter for “Updated Date UTC Date is in the past 24 hours” it gives me all failed login attempts total for that user not just the failed login attempts within the last 24 hours. What am I doing wrong here?
Does anyone have any better suggestions for auditing failed login attempts with email notification?
Best answer by Jaycee.ElliottView original