Alert types

What is a critical alert?

A critical alert requires immediate attention and communication with the customer:

IAM Event - User Location - Outside approved location
Policy Event - Admin Access Granted
IAM Event - Multiple Password Reset
Policy Event - Security Policy Change
IAM Event - Multiple Account Locks
Unable to Refresh SaaS App Token
Policy Event - Admin Access Granted

What is a standard alert?

An alert requires evaluation on the part of the MSP and a decision on what step to take next with the customer:

IAM Event - Account Locked
IAM Event - Multiple Authentication Failures
Device Event - New Device
Policy Event - Security Group Change

What is a logged event?

IAM Event - Authentication Failure
IAM Event - Authentication Success
Application Integration Detail - SaaS Application File Share
IAM Event - Oauth Access Used for Foreign Application
File Share Event - Internal
File Share Event - External
File Share Event - Local Download
File Share Event - External Orphaned Link
Application Integration Detail - SaaS Application Link Share
IAM Event - Password Reset
IAM Event - Multiple Login Connections From Different IP Addresses
IAM Event - Multiple SaaS Connections From Different IP Addresses
IAM Event - New User Added
IAM Event - An Unknown Actor is Attempting to Access the Domain

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the Ideas forum!
	Provide feedback for the Documentation team.

How would you rate this KB article?

Copyright © 2025 Kaseya Limited | Privacy Policy | Edit Cookies | Website Terms of Use