What does Fortiview > system > failed authentication attempts primarily track?

The Fortiview > system > failed authentication attempts feature is specifically designed to provide detailed insights into authentication issues within a Fortinet deployment. By focusing on failed login attempts, this functionality captures not just the number of failed attempts, but also critical details such as the source IP address from which the attempt originated and the types of login methods being used.

This level of detail is crucial for security monitoring and troubleshooting, as it allows administrators to identify potential unauthorized access attempts, pinpoint the location of these attempts, and understand the methods (e.g., local, LDAP, RADIUS) that are being used. Such insights help in taking proactive measures to enhance security, such as refining access controls or investigating suspicious behavior linked to certain IP addresses.

The other options do not encapsulate the full scope of what this feature is designed to track, as they either focus on successful logins or omit vital details that help in understanding the context of the failed attempts.