Need to log all failed logins to the Symantec Data Center Security (SDCS) console and UMC


Article ID: 164297


Products

Data Center Security Server Advanced

Issue/Introduction

The customer needs to log any failed login attempts to the console and UMC to monitor for brute force attacks.

Resolution

 

Console logins

  1. Console logins are tracked in the view dbo.audit_vw_ in the database.
  2. The OPERATION field contains LOGIN. When a user fails to log in, the DESCRIPTION field contains "Failed login attempt for [username]".

Example:

NOTE: Please be sure to add "with NOLOCK" to any SQL query built to pull from this table.
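One way to turn these audit rows into a brute-force alert, as an added example that is not part of the original article or Symantec's own tooling. It assumes the rows have been exported to CSV; the EVENT_DT timestamp column name, the threshold and the window are hypothetical, while OPERATION and DESCRIPTION are the fields described above.

```python
import csv, io, re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample export; EVENT_DT is a hypothetical timestamp column name.
SAMPLE_CSV = """EVENT_DT,OPERATION,DESCRIPTION
2024-01-10 09:00:01,LOGIN,Failed login attempt for admin
2024-01-10 09:00:09,LOGIN,Failed login attempt for [admin]
2024-01-10 09:00:15,LOGIN,Failed login attempt for admin
2024-01-10 09:00:40,LOGIN,Failed login attempt for admin
2024-01-10 09:01:00,POLICY_EDIT,Policy updated
2024-01-10 09:05:00,LOGIN,Failed login attempt for jsmith
2024-01-10 11:30:00,LOGIN,Failed login attempt for admin
"""

# Brackets around the username are treated as optional (assumption).
FAILED = re.compile(r"^Failed login attempt for \[?([^\]]+?)\]?\s*$", re.IGNORECASE)

def load_rows(text):
    return list(csv.DictReader(io.StringIO(text)))

def failed_logins(rows):
    """Yield (timestamp, username) for each failed console login row."""
    for row in rows:
        if row["OPERATION"].strip().upper() != "LOGIN":
            continue
        m = FAILED.match(row["DESCRIPTION"].strip())
        if m:
            ts = datetime.strptime(row["EVENT_DT"], "%Y-%m-%d %H:%M:%S")
            yield ts, m.group(1).lower()

def brute_force_suspects(rows, threshold=4, window=timedelta(minutes=5)):
    """Return {username: peak failures inside any window} at or over threshold."""
    by_user = defaultdict(list)
    for ts, user in failed_logins(rows):
        by_user[user].append(ts)
    suspects = {}
    for user, stamps in by_user.items():
        stamps.sort()
        start, peak = 0, 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window:  # slide the window forward
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            suspects[user] = peak
    return suspects

print(brute_force_suspects(load_rows(SAMPLE_CSV)))  # {'admin': 4}
```

The later isolated failure for admin at 11:30 does not raise the count, because only failures inside the same five-minute window are grouped.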

UMC logins

  1. UMC logins are recorded in a log file in the install directory: %DCS Install Path%\Server\umc\logs\umclog.log
  2. The messages within umclog.log show an ERROR message stating that the UPN for the "username" is not found.