Log File Ingestion

You can configure Auth0 to stream logs into Verosint to detect account fraud. Logs ingested by Verosint will create event and account prints in the SignalPrint Explorer and show details in the Fraud Dashboards.

📘

Ingest Past and Present Logs

When configuring Auth0, you can start streaming at the current date and time, or you can set a previous time and have past logs evaluated in addition to current logs. Adding previous access events to the ingestion can help create a more complete picture of potential fraud in your environment.

In Auth0 navigate to Logging -> Monitoring -> Streams -> Create a Stream -> Create Webhook. Enter your information on the Custom webhook page:

1. Enter a name for this webhook.
2. Enter Verosint's URL https://api.verosint.com/v1/signalprint/logs to receive data.
3. Type Bearer in the Authorization Token field and append your Verosint API key, which is located in your Verosint account profile. Make sure that there is a space character between Bearer and the API key.
4. Select the following settings.
   Content Type -> Application/JSON
   Content Format -> JSON Array
   Filter by Event Category -> Login - Success, Failure, or Other Events (to include MFA events)
5. Select the date when you want log streaming to start. If you choose a past date, ingestion may take some time, depending on the amount of data you include.
6. Save the settings.