The Overall Login Attempts page displays statistics relating to overall authentication activities carried out by WSO2 Identity Server. An overall authentication os a complete sequence of authentication steps. An overall authentication activity is considered a success only when authentication is successfully carried out for each step included in the sequence. A failure of even a single step within the sequence is considered a failure of the overall authentication activity.
The statistics displayed in this page include the overall success and failure rate for login attempts over time, and the distribution of login attempts over the dimensions service providers and users.
For detailed information about the common functions of the Security Analytics dashboard, see Analyzing Statistics for Authentication Operations - Using the Security Analytics Dashboard.
Login Attempts Over Time
View (Example) |
|
|---|---|
Description | This gadget indicates the following.
|
Purpose | This allows you to identify the overall login attempts handled by IS over time. As a result, you can understand the login patterns and detect deviations that may indicate unusual occurrences such as attacks, system downtime, etc. |
Recommended Action | Check the success and failure rate at different time intervals to identify login patterns (e.g., different days of the week, different hours of the day). If there is a deviation from the observed pattern, check for unusual activity (e.g., attacks, system downtime etc.). |
Login Attempts Distribution Over Top 10 Service Providers/First Time Login Service Providers
View (Example) |
|
|---|---|
Description | This gadget ranks the top 10 service providers for the selected time interval based on their successful login attempts as well as failed login attempts. The number of successful/failed login attempts for each service provider is plotted on the chart in order to provide a comparison. |
Purpose | This gadget allows you to:
|
Recommended Action | Click on the bars corresponding to different service providers to view successful and failed login attempts filtered by the selected service provider. |
Login Attempts Distribution Over Top 10 Users
View (Example) |
|
|---|---|
Description | This gadget ranks the top 10 users for the selected time interval based on their successful login attempts as well as failed login attempts. The number of successful/failed login attempts of each user is plotted on the chart in order to provide a comparison. |
Purpose | This gadget allows you to:
|
Recommended Action | Click on the bars corresponding to different users to view the successful and failed login attempts filtered by the selected user. |
Data Table
View (Example) |
|
Description | This gadget provides a list view of login attempts during the selected time interval. Details displayed for each login attempt include the context ID, username, service provider, subject step, roles, tenant domain, IP, region, whether the overall authentication was successful or not, and the time stamp. The login attempts can be sorted in the ascending/descending order by the fields in the table if required. |
Purpose | This gadget allows you to identify the individual login attempts made during the selected time interval and view detailed information about them. |
Recommended Action | Sort the records by each field available in order to identify the login patterns relating to each username, service provider, role, and IP. Deviations from the identified patterns can help you to detect unusual occurrences. |
Overview
Content Tools
Activity