Anomalous Login is a method of attack such as a brute force attack by which the attacker is identifying the user name and password of the system or web page randomly. By generating the user name or password from a remote location, it can be compromised over time. From an unknown source, an attacker can try this by simulating a random number of passwords.
EventTracker agent is introducing a new kind of capability to identify Anomalous Login activity. Anomalous Login identification is based on user name and IP address.
For detailed information regarding this, refer Anomalous Login Detection in EventTracker User Guide.