1. Go to Monitoring > Audit.
  2. Enter the report parameters:
    • Time Range. Limit the report results to a specified range of time.
    • Filter type. Limit the results to a particular type, user, or resource.

      Risk features the following unique Event Type filters:

      • Risk Evaluation Created
      • Risk Evaluation Updated
      • Risk Policy Created
      • Risk Policy Deleted
      • Risk Policy Updated

      PingOne Protect features the following unique Resource Type filters:

      • Risk Evaluation
      • Risk Policy
    • Selected fields. Specify which columns appear in the results list.
    • Time zone. Specify the time zone to be used for the results list. The timestamp shows the date and time for the selected time zone.
    • Secondary Filter Type. Specify a secondary filter to limit the results to a particular type, user, or resource. You must specify a primary filter type before you can select a secondary filter type.
  3. Click Run.

To rearrange the columns in the report summary, drag the column heading to the desired position.

To view the details of an event, click View in the Details column.

In PingOne Protect, you can view several parameters in this section, including:

  • userRiskBehaviorReason: The user risk behavior analytic that triggered the risk policy.
  • impossibleTravel: The result of the geovelocity anomaly model.
  • anonymousNetworkDetected: The result of the anonymous network detection model.
  • userAgent: The browser and OS details.

To see a full list of parameters, see Risk Evaluations in the PingOne Platform API Reference.