Unusual 1Password item usage action observed from user

1password

Classification:

attack

Set up the 1Password integration.


Goal

Detect when 1Password item usage activity is observed.

Strategy

This rule monitors 1Password audit logs for the following item usage actions

Note: This rule uses the New Value detection method to determine when a previously unseen item usage action is observed.
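The New Value logic described above, sketched in Python as an added example (it is not the rule's own query or Datadog's implementation). Assumptions: the baseline is kept per user, events before `learning_end` only build the baseline, a value unseen for longer than `forget_after` counts as new again, and all sample events and action values are constructed.

```python
from datetime import datetime, timedelta

def ev(ts, email, action, item, vault):
    # Keys mirror the attributes referenced in this page's triage template.
    return {"ts": datetime.fromisoformat(ts), "usr.email": email,
            "evt.name": action, "item_uuid": item, "vault_uuid": vault}

# Constructed sample events (all values invented for illustration).
SAMPLE_EVENTS = [
    ev("2024-05-01T09:00:00", "alice@example.com", "fill", "item-a", "vault-1"),
    ev("2024-05-02T09:00:00", "alice@example.com", "reveal", "item-a", "vault-1"),
    ev("2024-05-03T09:00:00", "bob@example.com", "fill", "item-b", "vault-1"),
    ev("2024-05-10T09:00:00", "alice@example.com", "fill", "item-a", "vault-1"),
    ev("2024-05-11T09:00:00", "alice@example.com", "export", "item-c", "vault-2"),
    ev("2024-05-12T09:00:00", "alice@example.com", "export", "item-c", "vault-2"),
    ev("2024-05-12T10:00:00", "bob@example.com", "reveal", "item-b", "vault-1"),
    ev("2024-06-20T09:00:00", "alice@example.com", "reveal", "item-a", "vault-1"),
]

def detect_new_actions(events, learning_end, forget_after=timedelta(days=28)):
    """Return events whose action is new for that user.

    Assumed semantics: per-user baseline; events before learning_end only
    build the baseline; a value unseen for > forget_after is new again.
    """
    last_seen = {}  # (email, action) -> time of most recent occurrence
    signals = []
    for e in sorted(events, key=lambda e: e["ts"]):
        key = (e["usr.email"], e["evt.name"])
        prev = last_seen.get(key)
        stale = prev is None or e["ts"] - prev > forget_after
        if stale and e["ts"] >= learning_end:
            signals.append(e)
        last_seen[key] = e["ts"]  # every event refreshes the baseline
    return signals

def triage_line(e):
    # Uses the same fields the triage template on this page interpolates.
    return (f"Investigate {e['usr.email']}: action {e['evt.name']} on item "
            f"{e['item_uuid']} in vault {e['vault_uuid']}")

if __name__ == "__main__":
    for s in detect_new_actions(SAMPLE_EVENTS, datetime(2024, 5, 8)):
        print(s["ts"].isoformat(), triage_line(s))
```

In the sample data, Bob's first `reveal` fires even though Alice has used that action before, and Alice's own `reveal` fires again once it has aged out of her baseline.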

Triage & response

Investigate {{@usr.email}} attempting an item usage action: {{@evt.name}} that they haven’t performed recently with item {{@item_uuid}} within vault {{@vault_uuid}}.