Account Tags

InsightIDR applies tags to accounts in your network to help you quickly identify information about your accounts.

InsightIDR Account Tags

The following are the tags that InsightIDR applies to all types of accounts:

  • Watchlist: This tag identifies accounts that are on the User Watchlist.
  • Never Expires: This tag identifies accounts with non-expiring passwords.
  • Disabled: This tag identifies accounts that have been disabled in LDAP.
  • Removed: This tag identifies accounts that have not been present in LDAP for a month or longer.

Admin Account Tags

The following are the tags that InsightIDR applies to admin accounts:

  • AWS Admins: This tag identifies accounts that are AWS admins.
  • OKTA Admins: This tag identifies accounts that are OKTA admins.
  • O365 Admins: This tag identifies accounts that are Microsoft Office 365 admins.
  • Google Admins: This tag identifies accounts that are Google admins.
  • Box Administrators: This tag identifies accounts that are Box.com admins.
  • LDAP Admins: This tag identifies accounts that are LDAP admins. If an account is an LDAP admin, InsightIDR displays the admin group(s) they’re in. If an admin account is in multiple admin groups, InsightIDR will display a tag with the number of groups the account is in. You can hover over this tag to see which groups the admin account is in.