Once you turn on Allow user sign-in data in Control Hub, user sign-ins and sign-outs are logged and can be retrieved through the public API. You can then view and analyze the data in security applications such as UEBA and SIEM, which can run their machine learning algorithms to discover suspicious and malicious behaviors, detect attack vectors, and identify compromised passwords.

Webex stores the data for 12 months.

This feature is only available to customers with Pro Pack for Control Hub.
1

Sign in to Control Hub, then under Management, select Organization Settings.

2

In the User sign-in data section, toggle on Allow user sign-in data.

3

Go to List Security Audit Events to retrieve the data.