• Docs Home
• Platform
  • Multi Factor Flow
  • User Enrollment
  • Domain Attributes
• Guides
  • Admin Panel
  • User Management
  • Applications
  • Admin Logs
  • Authentication Logs
  • Administrator Roles
  • Policies
  • Hardware Tokens (OTP)
  • Software OTP Tokens
  • Email OTP
  • Bypass Codes
  • Devices
  • Phones
  • U2F Tokens
  • Push Number Matching
  • Passcode Grids
  • Authenticator App
  • Enrollment Email
  • LoginTC Managed
  • MSP Hub
• End-User Guides
  • iOS App
  • Android App
  • Chrome Extension
• Video Library
  • LoginTC Basics
  • LoginTC Policies
  • User Management
  • LoginTC MSP Hub
  • LoginTC RADIUS Connector
  • Authentication Methods Management
  • Offline Authentication
  • Cloud User Enrollment
  • On-Premises User Enrollment
  • Authentication Methods for Users
  • AD FS Walkthrough
  • Check Point Walkthrough
  • Cisco Walkthrough
  • Amazon Workspace Walkthrough
  • Barracuda Walkthrough
  • F5 Big-IP APM Walkthrough
  • Fortinet Fortigate Walkthrough
  • Ivanti VPN Walkthrough
  • Microsoft Entra ID Walkthrough
  • Microsoft Remote Desktop Web Access Walkthrough
  • Microsoft RRAS Walkthrough
  • OpenVPN Walkthrough
  • Outlook Web App
  • Palo Alto Walkthrough
  • SonicWall Walkthrough
  • Sophos Walkthrough
  • SSH Walkthrough
  • VMware Horizon View Walkthrough
  • WatchGuard Walkthrough
  • Windows VPN L2TP
• Connectors
  • AD FS
  • Apache
  • Barracuda
  • Box
  • Check Point
  • Cisco ASA
  • Citrix NetScaler
  • Dropbox
  • Microsoft Entra ID External Authentication Methods (EAM)
  • F5 BIG-IP APM
  • Fortinet Fortigate
  • Freshdesk
  • Juniper
  • MariaDB
  • Netgate pfSense
  • Office 365
  • OpenAM
  • OpenVPN
  • OpenVPN AS
  • OWA
  • Palo Alto
  • PostgreSQL
  • Pulse Connect Secure
  • RADIUS
  • Two Factor Authentication (MFA) for RD Gateway (RADIUS)
  • Two Factor Authentication (MFA) for Remote Desktop Web Access (RD Web)
  • Sophos UTM
  • SonicWALL SRA
  • SiteMinder
  • Unix SSH
  • VMware Horizon View
  • Web
  • WatchGuard
  • WatchGuard Access Portal
  • Windows Logon and RDP
• Tools
  • User Sync
• REST API
  • Users
  • Domains
  • Tokens
  • Bypass Codes
  • Hardware Tokens
  • Sessions
  • Organizations
  • Client Libraries
• Downloads
• Release Notes
  • LoginTC RADIUS Connector
  • LoginTC AD FS Connector
  • LoginTC RD Web Access
  • LoginTC RD Gateway SSO
  • LoginTC Windows Logon Connector
  • LoginTC OWA
  • LoginTC Managed
  • User Sync Tool
• Service Status
• Knowledge Base
• Help

Authentication Logs

• Overview
• View
• Export
• Action Types

Overview

Authentication Logs display all user authentication actions. The actions include useful information like which LoginTC Application was access, from where (when available), and using which second factor method. Invalid and denied authentication requests are also logged. Administrators can quickly search through the logs by date range, keyword and action type.

View

Click on the  Authentication Logs tab to view user authentication actions.

name

Property	Explanation
From	Date to begin query
To	Date to end query
Keyword	The keyword can be an administrator email, user email, user name or domain name
Applications	A dropdown of which application to query
Actions	A multi-select of which actions to query

Click View to execute a query.

Property	Explanation
Timestamp	Timestamp of the authentication in action
Action	The authentication action
User	The user associated with the action
Application	The application associated with the action
Access Location	Best effort geo-location based on IP Address of user (when available)
Second Factor	The second factor authentication method leveraged

Export

Clicking Export will export the current view of Admin Logs as a csv file. The maximum number of lines in an export is 10,000. Sample csv:

date,action,user,user_id,application,application_id,access location,second factor
2022-12-19T12:22:57-05:00,Granted: User approved, bobby.grimes,bf4d70f466f372c61b6d778886e36bc5c8cc9661,Microsoft Windows Logon,ce58726671f13e6478c159005b956b3a628d3d42,Canada (Vancouver): 162.216.47.43,LoginTC App Push: One-step, Push Number Matching
2022-12-19T12:21:57-05:00,Denied: Geo-velocity policy,aaron.diotte,c2a66c30b9f73d2839739b4d462b4ee07e540924,Fortinet FortiGate SSL VPN,0dbf3f7f0c0b833faa26b8112500d9e241764ff0,Spain (Valencia): 196.245.54.135,

Action Types

The following are the logged user authentication actions.

Action	Explanation
APPROVE_REQUEST	A push notification request has been approved
APPROVE_REQUEST_BYPASS_CODE	A bypass code request has been approved
APPROVE_REQUEST_OTP	A passcode request has been approved
APPROVE_REQUEST_OTP_EMAIL	A passcode request via email has been approved
APPROVE_REQUEST_OTP_HARDWARE_TOKEN	A passcode request via hardware token has been approved
APPROVE_REQUEST_OTP_PHONE_SMS	A passcode request via SMS has been approved
APPROVE_REQUEST_OTP_SOFTWARE_TOKEN	A passcode request via software token has been approved
APPROVE_REQUEST_PASSCODE_GRID	A passcode grid request has been approved
APPROVE_REQUEST_PHONE_CALL	A phone call request has been approved
APPROVE_REQUEST_U2F	A U2F token request has been approved
DENY_REQUEST_FRAUD	A push notification request has been denied as fraudulent
DENY_REQUEST_PHONE_CALL	A phone call request has been denied
INVALID_APPROVE_ATTEMPT	A push notification approve request attempt is invalid
INVALID_APPROVE_ATTEMPT_BYPASS_CODE	A bypass code request attempt is invalid
INVALID_APPROVE_ATTEMPT_BYPASS_CODE_NOT_ENABLED	A bypass code request attempt is invalid as the policy does not allow bypass codes
INVALID_APPROVE_ATTEMPT_GEO_LOCATION_DENIED	An approve request is invalid based on geo location policy
INVALID_APPROVE_ATTEMPT_GEO_VELOCITY_DENIED	An approve request is invalid based on geo velocity policy
INVALID_APPROVE_ATTEMPT_OTP	A passcode request attempt is invalid
INVALID_APPROVE_ATTEMPT_OTP_NOT_ENABLED	A passcode request attempt is invalid as the policy does not allow passcodes
INVALID_APPROVE_ATTEMPT_PASSCODE_GRID	A passcode grid request attempt is invalid
INVALID_APPROVE_ATTEMPT_PASSCODE_GRID_NOT_ENABLED	A passcode grid request attempt is invalid as the policy does not allow passcode grids
INVALID_APPROVE_ATTEMPT_U2F	A U2F token request attempt is invalid
INVALID_APPROVE_ATTEMPT_U2F_GEO_LOCATION_DENIED	A U2F token request is invalid based on geo location policy
INVALID_APPROVE_ATTEMPT_U2F_GEO_VELOCITY_DENIED	A U2F token request is invalid based on geo velocity policy
INVALID_APPROVE_ATTEMPT_U2F_NOT_ENABLED	A U2F token request attempt is invalid as the policy does not allow U2F tokens
INVALID_APPROVE_ATTEMPT_ZERO_REMAINING_RETRIES	An approve request is invalid as the user has no remaining retries
REQUEST_DELIVERABLE_OTP_FAILED_GEO_LOCATION_DENIED	A deliverable passcode request is invalid based on geo location policy
REQUEST_DELIVERABLE_OTP_FAILED_GEO_VELOCITY_DENIED	A deliverable passcode request is invalid based on geo velocity policy
REQUEST_LOGINTC_PUSH_FAILED_INVALID_PUSH_NUMBER	A push notification approve request attempt is invalid as the push number matching is incorrect
REQUEST_LOGINTC_PUSH_FAILED_NOT_ENABLED	A push notification approve request attempt is invalid as the policy does not allow push notifications
TIMEOUT_REQUEST_PHONE_CALL	A phone call request has been timed out
UNKNOWN_USER	The username attempting login is unknown
USER_REQUEST_DENIED_APP	An approve request attempt is invalid as the policy does not allow the users type of LoginTC app
USER_REQUEST_DENIED_GEO_LOCATION	An approve request attempt is invalid based on geo location policy
USER_REQUEST_DENIED_GEO_VELOCITY	An approve request attempt is invalid based on geo velocity policy
USER_REQUEST_DENIED_TIME	An approve request attempt is invalid based on time policy