I have a potential client who is asking about the User Activity Deviation functionality of Data Insight.
They want to know if it can trigger alerts based on number of access attempts or denies? I know it can trigger based on access or read attempts and there are thresholds for that. But they want it to trigger on access denied and just access attempts. I know the read/writes and other things are monitor but could not find anything in the 4.5 admin guide on that specifically and do not have access to the DI console at the moment.
Daniel we do not capture the failed security access events in 4.5x. 5.0 is out today but I have not researched that functionality. Likely it would require a PAR but I do recall something requested some time back.
Could you move the thread to the SE forum and check there for an answer overnight?