Hi,
We have just turned on monitoring under bot control and I am trying to understand the logs.Trying to understand what is done durin the pre-login assessment. I see the following in my logs:
- type:“pla”,
- description:“Pre-login risk assessment”,
- connection_id:“”,
- client_id:“XXXXXXX”,
- client_name:“XXXXXXX”,
- ip:“XX.XX.XX.XX”,
- user_agent:“Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36”,
- details:
{
- ipOnAllowlist:false,
- requiresVerification:false},
What exactly is evaluated to determine whether requiresVerification = true/false? Is this the field that determines whether the user gets a captcha or not - assuming we have captcha configured?
Also, from the current successful logins, can I tell which ones would have had CAPTCHA if we had BOT protection on? We need to evaluate potential customer impact before we roll it out.