Unusual 1Password item usage action observed from user

Set up the 1password integration.

このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください

Goal

Detect when 1Password item usage activity is observed.

Strategy

This rule monitors 1Password audit logs for the following item usage actions

Note: This rule uses the New Value detection method, to determine when a previously unseen item usage action is observed.

Triage & response

Investigate {{@usr.email}} attempting an item usage action: {{@evt.name}} that they haven’t performed recently with item {{@item_uuid}} within vault {{@vault_uuid}}.