<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
How to Obtain a List of Failed Login Attempts or Other Potentially Malicious Sign On Attempts
Apr 7, 2025
Administration
Okta Classic Engine
Okta Identity Engine
Overview

This article presents how to obtain a list of failed login attempts or other potentially malicious sign-on attempts.

Applies To
  • Reporting
  • Suspicious Activity
  • Okta Classic Engine
Solution

Watch the video or follow the steps below to obtain a list of failed login attempts or other potentially malicious sign-on attempts.


 

  1. In the Okta Admin Console, navigate to Reports > Reports​​​​​.
  2. The Suspicious Activity section will provide a brief summary of failed logins and locked-out users over the past 30 days.
  3. For greater detail and a report that can be exported, click the Suspicious Activity header in the section.
  4. To export the report to a file, click the Download CSV link in the upper-right corner of the results table.

Recommended content

Still looking for help?
Loading
How to Obtain a List of Failed Login Attempts or Other Potentially Malicious Sign On Attempts