Hi Everyone,
Am attempting to create a report of all unsanctioned application usage where corporate email addresses have been used, is this possible with standard reporting?
Thank you
Page 1 / 1
@Curious,
Yes this should be possible with classic reporting but Advanced Analytics would provide more insight. You can create a widget that has a query like:
activity like Login and app-cci-app-tag eq 'Unsanctioned' and from_user like corpdomain.com
The widget can then be configured to break down by user, app, and other fields:
This gives you insight into the corporate username and the from user that they leveraged. My example is sparse as my tenant just has traffic from me and my test accounts but here's a sample:
Thanks @sshiflett, love your work!
Reply
Login to the community
If you haven't already registered, now is a good time to do so. After you register, you can post to the community, receive email notifications, and lots more. It's quick and it's free! Create an account
Login with SSO
Employee Partneror
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.