Viewing client connection logs

SDS for C&M clients generate a log every time they log in to SDS for C&M, indicating whether the connection succeeded or failed.

Looking through these logs makes it possible to detect whether a user account is the target of a brute force attack.

These logs are deleted by default after 365 days.

Connection logs can be viewed on client workstations in
C:\Program Files\Stormshield\Stormshield Data Security\accountConnectionLogs.json,

In the following example, the first login was attempted using the account The line "success": true means that the login was successful. The second attempt was carried out with the account The line "success": false means that the login failed.

"accountConnections": [{
"date": "2019-03-25T17:02:45Z",
"email": "",
"success": true
}, {
"date": "2019-03-25T17:03:55Z",
"email": "",
“success": false },