Version 6.0.4

Overview

Duo provides modern access security designed to safeguard all users, devices, and applications. It also adds an extra layer for authentication via two-factor authentication or multi-factor authentication. For the full list of named devices and applications, see Duo documentation.

Prerequisites

  • A Duo Security account. For more information on creating a Duo account, see Duo documentation on getting started
  • For cloud-based applications, you must have Duo Access Gateway (DAG). For more information on DAG, see Duo Access Gateway documentation.
  • A DMZ server that provides perimeter network security. For more information on DMZ server requirements, see the Deploy a DMZ server section in Duo Access Gateway documentation.

Configuration

The configuration for Duo varies from application to application. Cloud-based applications require Duo Access Gateway (DAG). DAG is offered with Duo Beyond, Duo Access, and Duo MFA plans. Duo also provides SAML connectors for enterprise cloud applications, including Google G Suite, AWS, Box, Salesforce, and Microsoft Office 365. For a full list of supported cloud applications, see Duo documentation.

Some applications do not require DAG. For instructions on how to connect Duo to Okta, see Connect Okta.

Types of Logs

Meet compliance standards and identify security risks with Duo’s detailed logs. Duo logs are accessible through your admin panel. You can search and export the logs manually via CSV file, or in real-time to your log management or SIEM systems via our REST API.

Authentication Logs

Authentication logs show you where and how users authenticate. These logs typically include usernames, location, time, type of authentication factor and more. Normalize user patterns so you can identify abnormal activity.

Administrator Logs

Administrator log events let you track the username, time and type of administrator activity, including groups, user, integration and device management. Identify any major admin changes and suspicious activity.

Telephony Logs

Telephony logs give you insight into the type of telephony event (SMS or phone), phone numbers, and the number of telephony credits used, ensuring you don’t run out of credits.

Offline Enrollment Logs

Offline enrollment logs return a list of Duo Authentication for Windows Logon offline enrollment events ranging from the last 180 days up to as recently as two minutes before the API request. There is an intentional two minute delay in availability of new authentications in the API response.

Log Collection Method 

We support log collection via API calls or directly from the Duo Admin Panel. 

Additional Information

Admin API

Auth API

Administrator Panel

DUO Documentation