1. From Your Admin Console
  2. Go to Reports > Login
  3. Select Suspicious Login under Event Name 
  4. Click Search