To access the Risk Events dashboard, go to Monitoring > Threat Protection.

Click the chart to view drill-down information.


A screen capture of the Risk Events chart. On the left-hand side are the Filters and Date Range sections. The monitored risk data table is directly below the Risk Events chart.

The drill-down table shows more detailed information about each high-risk event, including:

  • IP address
  • Target application
  • IP reputation.

Only events that have triggered a specific risk model, such as geovelocity anomaly, or have an aggregated risk score of high are shown. The aggregated risk score is determined by the selected risk policies in the Policy Name list.

Scroll to the right to see additional columns. For use of the filtered search bar, see Filtered searching.

For a description of the table columns, see Monitored risk data.

Click a column header to sort the results by that value. Results are sorted by the Time column by default, with the most recent entries listed first.