Show IP Addresses on Escalation Page for Unexpected Country | Voters

Show IP Addresses on Escalation Page for Unexpected Country

complete

The incident/escalation page for unexpected M365 logins shows countries, VPN, browsers, but not IP address(es).
Would be very handy to have the list of IPs on this same page.
Recently we had a false positive, and had to go into Entra logs to review, only to realize it was our own IPs.

August 6, 2024

Stevez Gomes

The IP Address should be included in the emails/tickets sent. It wastes time to login to the huntress portal each time to figureout what IP Address the alert is being triggered from. The current email shows ORG had an unexpected login, which forces us to login to the portal to get more details, this can easily be avoided by simply including the IP Address and the user.

The user, ORG, and IP Address should be listed on the unexpected country emails/ticket sent ou without the need to login to the portal.

Rich Mozeleski

marked this post as

complete

Rich Mozeleski

marked this post as

in progress

Rich Mozeleski

marked this post as

planned

We will be adding IP address details to escalations as part of some post-GA enhancements in the next few weeks.

Todd Swartzman

Thanks, looking forward to it

Ricardo'la Ortiz'la

absolutely necessary