One might be wondering whether security events such as failed login attempts are logged by Kayako and if these generate alerts that are monitored. Additionally, one might want to know if privileged access to certain functions would also be logged somewhere in Kayako.
As mentioned in Log Collection Capabilities and Retention Policy, Kayako doesn't log these types of events into internal log files. Moreover, note that these events such as failed login attempts do not generate alerts in the system and are not monitored.
Having said that, it is possible for administrators to configure some of the security settings and review user activities.
With regards to the login attempts and other related security events, all available security options in Kayako that one can configure are explained in the articles below.
- Configuring Security Login Policies
- Configuring Password Policies
- Defining IP Restrictions for Agent Logins
- Securing Your User Account with Two-Factor Authentication
Activities such as logins, logouts, and other events from Staff can be obtained following the instructions in Retrieving User Activity Logs in Kayako.
Lastly, note that the Kayako team does not have a privileged account that can review all instances/activities. Instead, we use impersonation access which enables us to impersonate an administrator account from the customer's instance after the customer provides approval for this for a root cause analysis or issue resolution. This process is explained in more detail in the Sharing Your Access for Impersonation article.