This paper considers the problem of internal threats caused by the actions that are performed by the employees who have legal access to the company’s data or by the intruders who compromise the employees’ accounts. Account compromise is considered a serious threat to information security, and it may lead to data theft or system disruption. The presented study contributes to the better understanding of detecting suspicious user behavior based on the data collected from the standard audit logs. A possible solution to this problem is a system for detecting the outliers in standard audit logs and extended user data, which may be a sign of abnormal (suspicious) user behavior. Data outlier detection is based on the log analysis with manually labeled data using the IsolationForest classifier with the adjusted parameters. The machine learning methods support heterogeneous data with different behavioral patterns for each user. Moreover, the increase of feature space using FingerPrintJS library provides higher accuracy of detecting abnormal user behavior.