Anomaly Report in ADManager Plus

Anomalies can be defined as deviations from usual behavior. They can be a potential vulnerability or even a false positive, but no matter what the situation is, it is vital to take stringent actions on them to fortify your network from both insider and outsider security threats.

The Anomaly Report is generated based on analyzing ADManager Plus' logs to provide a comprehensive list of anomalies detected from the login history, management, imported and exported data, and automation execution logs. The product's logs are scanned for out-of-the-norm behavior like non-business hour logins, multiple login failures, or unusual management activity. Anomalies are detected using machine learning and can be:

• Pattern-based: Unforeseen actions performed in a sequential manner.
• Time-based: Actions performed at unusual times.
• Count-based: Actions performed at an unusually large rate.

To view the Anomaly Report in ADManager Plus:

1. In the top right-corner of the Admin Audit Report page, click Anomaly Report.
2. A list of anomalies detected will be displayed on this page along with technician details, type, score, and other relevant details.
3. Click the Export icon to export the report in the desired format.

Detected anomalies will be displayed in the notifications section in the product. Click the bell icon in the top-right corner of any page to access the notification section.