VaultOne allows administrators to receive real-time alerts whenever suspicious activity is detected on the platform. Enabling these alerts helps you respond quickly to potential security threats.
Accessing Security Settings
- Go to Administration > Settings > Security.
- In the Security tab, locate the Security Alerts section.
- Check the boxes to activate alerts for suspicious activities.
Once enabled, administrators will automatically receive notifications whenever a suspicious action occurs on the platform.
Default Suspicious Activity Alerts
VaultOne will send alerts for the following scenarios by default:
- Excessive Credential Searches:
  - Alert (Severity 1) - 5 credentials accessed in 1 minute
  - Critical (Severity 2) - 5 credentials accessed in 2 minutes
  - Error (Severity 3) - 5 credentials accessed in 3 minutes
  - Warning (Severity 4) - 5 credentials accessed in 5 minutes
- Excessive Login Attempts:
  - Critical (Severity 2) - Login from outside the main access country
  - Error (Severity 3) - Login outside the commercial window (8:00–18:00, based on timezone)
  - Warning (Severity 4) - 2 logins from different IP addresses
  - Notice (Severity 5) - 2 logins from different web browsers using the same IP address
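The credential-search thresholds nest: five accesses inside one minute also fall inside the two-, three- and five-minute windows. The sketch below is an added example, not VaultOne code, for reproducing these thresholds over your own audit export; it assumes the most severe matching rule wins and that window boundaries are inclusive, and the log format and the names `classify` and `evaluate` are hypothetical.

```python
from datetime import datetime, timedelta

# Thresholds from the page: 5 credential accesses inside each window.
# Tightest window first, so the first match is the most severe.
THRESHOLD_COUNT = 5
WINDOWS = [(1, 1, "Alert"), (2, 2, "Critical"), (3, 3, "Error"), (5, 4, "Warning")]  # (minutes, severity, name)

def classify(timestamps):
    """Return (severity, name) of the most severe matching rule, else None."""
    ts = sorted(timestamps)
    if len(ts) < THRESHOLD_COUNT:
        return None
    # Shortest time span that contains any 5 consecutive accesses.
    tightest = min(ts[i + THRESHOLD_COUNT - 1] - ts[i]
                   for i in range(len(ts) - THRESHOLD_COUNT + 1))
    for minutes, severity, name in WINDOWS:
        if tightest <= timedelta(minutes=minutes):  # assumption: inclusive boundary
            return severity, name
    return None

def evaluate(lines):
    """Classify each user in 'ISO-timestamp user credential-id' lines."""
    per_user = {}
    for line in lines:
        stamp, user, _cred = line.split()
        per_user.setdefault(user, []).append(datetime.fromisoformat(stamp))
    return {user: classify(ts) for user, ts in per_user.items()}

# Constructed sample lines; the format is hypothetical, not VaultOne's.
SAMPLE_LOG = [
    "2024-05-01T09:00:00 alice cred-01",
    "2024-05-01T09:00:10 alice cred-02",
    "2024-05-01T09:00:20 alice cred-03",
    "2024-05-01T09:00:30 alice cred-04",
    "2024-05-01T09:00:40 alice cred-05",
    "2024-05-01T10:00:00 bob cred-01",
    "2024-05-01T10:02:00 bob cred-02",
    "2024-05-01T10:02:40 bob cred-03",
    "2024-05-01T10:03:20 bob cred-04",
    "2024-05-01T10:04:00 bob cred-05",
    "2024-05-01T10:04:30 bob cred-06",
    "2024-05-01T11:00:00 carol cred-01",
]

if __name__ == "__main__":
    print(evaluate(SAMPLE_LOG))
```

In the sample, bob's first five accesses span four minutes (Warning), but his last five span 2 minutes 30 seconds, so the sliding window reports Error.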
Severity (RFC 5424)
- Alert (1): Immediate action required
- Critical (2): Critical conditions
- Error (3): Error conditions
- Warning (4): Warning conditions
- Notice (5): Normal but significant condition
Enabling these alerts helps you monitor and respond to suspicious activity, strengthening your organization’s security posture.