TrainingSupportCommunity

Troubleshoot Device Posture

You may be able to solve some Device Posture issues using these topics before contacting support.

Troubleshoot access denied issues

To troubleshoot user access denied issues because of Device Posture rules, view the device's access log.

  1. In the EAA Management Portal navigation menu, select Reports > Activity.
    This redirects you to the Preset Reports tab on the Reports page.

  2. Go to the Application Access tab.

  3. In the Application Access tab, do the following:

    1. Click the calendar icon and select a pre-defined date range, or enter the Start Date and the End Date. Then, click Apply.
    2. In Select Applications, select the application to which access was denied. Your application access report will be filtered by this date range.
    3. In Select Criteria, select User and enter the username of the user who experienced access issues.

  4. Click View Report.
    When an access decision was made using a Device Posture rule, a DP icon displays to the right of the OS column.

  5. Click the DP icon to display the Device Inventory page.
    The Inventory report opens.

  6. Click the View Device Access Log icon to display logs for the previously selected app and user.

Troubleshoot client issues

Client Diagnostics

On desktop devices that run the EAA Client, Device Posture data are generated when the client user runs the client's diagnostic tool.

Client Device Signals

You can troubleshoot issues around the collection of signals from a device by creating a device history report as described in Create a device history report.

Troubleshoot using IdP username as an input

You may find it useful to be aware of the identity provider (IdP) username associated with the EAA Client that runs on a particular device. This can now be viewed as part of device details and included in device inventory reports. This can be useful for auditing and troubleshooting purposes.

Consider the following situations:

  • A particular user has experienced access problems and you wish to analyze their device security posture to troubleshoot the problem.

  • Access Log reports show that a particular device couldn't access an application. Having knowledge of the IdP user associated with the EAA Client that runs on the device allows you to troubleshoot further.

In both cases, you can use IdP username as an input for further investigations.

If the user is logged into multiple identity providers, the IdP username is displayed only for the IdP used to configure the client.

Troubleshoot user-related issues

  1. In the EAA Management Portal navigation menu, select Reports > Device Posture.
    This redirects you to the Device Inventory tab on the Device Posture Reports page.

  2. In the Inventory tab, click View Report.
    The unfiltered Device Inventory report opens.

  3. In Search report, enter the IdP Username of a user who reported access issues, and next identify the corresponding Device ID.

  4. Copy the Device ID.

  5. Go to the Device History tab and paste the Device ID value. Click Show Device History.
    The Device History report opens.

  6. To identify causes for access issues:

    1. Click the selected date in the Signal Update Time column to display the Device Details report.
      This report provides you with a list of posture signals that can help you to identify vulnerabilities in the selected device.

    2. Click the View Device Access Logs icon to display the application access report.
      This report provides you with the log and event data for an application during a specified time period and lets you find login errors that occurred while the user attempted to access the application.

Troubleshoot device-related issues

  1. In the EAA Management Portal navigation menu, select Reports > Device Posture.
    This redirects you to the Device Inventory tab on the Device Posture Reports page.

  2. In the Inventory tab, click View Report.
    The unfiltered Device Inventory report opens.

  3. Read your Inventory report to identify a device that belongs to the high-risk tier. Copy IdP Username corresponding to this device.

  4. In the EAA Management Portal navigation menu, select Reports > Activity.
    This redirects you to the Preset Reports tab on the Reports page.

  5. Go to the Application Access tab.

  6. In Select Criteria, select User, and in Add items paste the previously copied IdP Username value.

  7. Click View Report.

The application access report opens. This report provides you with the log and event data during a specified time period and lets you find login errors that occurred while the user attempted to access the application.

With this report, you can check if the high-risk security posture of the device caused any access issues.

Updated over 1 year ago