Need help analyzing report

Need help analyzing report

From the reports I've been running on ADAudit, there were a huge amount of failed login (1500+ in 24 hours).  I think this is some sort of brute force attack, but the originating IP address and client host name is coming from my exchange server.  Could someone confirm if this is a brute force attack or not and how should I correct this problem?




        New to M365 Manager Plus?
        New to M365 Manager Plus?
          New to RecoveryManager Plus?
          New to RecoveryManager Plus?
            New to Exchange Reporter Plus?
            New to Exchange Reporter Plus?
              New to SharePoint Manager Plus?
              New to SharePoint Manager Plus?
                See all integrations
                New to ADManager Plus?

                  New to ADSelfService Plus?

                  Start your free trial





                            Related Products