This documentation is for WSO2 Identity Server 5.6.0. View documentation for the latest release.
Analyzing Statistics for Authentication Operations - WSO2 Identity Server 5.6.0 - WSO2 Documentation

All docs This doc
||
Skip to end of metadata
Go to start of metadata

The following sections explain how to access the Security Analytics dashboard to view statistics relating to authentication activities and sessions, and functions common to all the pages in this dashboard.

Accessing the Analytics Dashboard

Follow the procedure below to access the Analytics Dashboard to view statistics relating to security analytics.

The Analytics Dashboard cannot be viewed using the Internet Explorer 10 and older versions.

  1. Log into the WSO2 Analytics -IS Management Console using the following URL. At the minimum, users need to have "Portal" permission (/permission/admin/manage/portal) to access the dashboard.
    URL: https://<IS_ANALYTICS_HOST>:<ANALYTICS_PORT>/carbon/

  2. In the Main tab, click Analytics Dashboard. Log into the Analytics Dashboard by entering your credentials in the login dialog box that appears. The following dashboard is displayed by default.
  3. Click View to open the IS Analytics dashboard. The Security Analytics dashboard is displayed as shown in the example below.

    This page displays a summary of overall login attempts, local login attempts and federated login attempts as shown above.

  4. If you want to view information relating to overall login attempts, click OVERALL in the left navigator to open the page with the relevant statistics. The same page can be opened by clicking See More under Overall Login Attempts. For detailed information about analyzing overall login attempts, see Analyzing Statistics for Overall Login Attempts.
  5. If you want to view information relating to local identity providers, click LOCAL in the left navigator. The same page can be opened by clicking See More under Local Login Attempts. For detailed information about analyzing local login attempts, see Analyzing Statistics for Local Login Attempts.
  6. If you want to view information relating to federated identity providers, click FEDERATED under the LOGIN ATTEMPTS in the left navigator. The same page can be opened by clicking See More under Federated Login Attempts. For detailed information about analyzing federated login attempts, see Analyzing Statistics for Federated Login Attempts.
  7. If you want to view information relating to sessions, click SESSIONS in the left navigator. For detailed information about analyzing sessions, see Analyzing Statistics for Sessions.

Using the Security Analytics dashboard

The following sections explain common functions of the Security Analytics dashboard.

Viewing statistics for a selected time interval

At any given time, each page in the dashboard displays the statistics for a selected time interval.

  • If you want to view statistics for a pre-defined time interval, click on the relevant time interval (e.g., Last 24 Hours).
  • If you want to define a custom time interval, click Custom and select the start and end dates of the required time interval in the calendar that appears. Then click Apply.

When you select Last Hour as the time interval for which statistics are to be displayed, all the gadgets except data tables are updated in about 1 minute. When the time interval selected is greater than one hour, the same gadgets are updated in 5 minutes. This is because the relevant Spark scripts need to be executed in order to update the gadgets.

The data tables in each page are updated instantly.


Working with filters

The Security Analytics dashboard allows you to add filters that allow you to update multiple gadgets in a given page to display information relating to a selected criteria.

A filter can be added only to gadgets with a Search field together with the Add Filter button.

  1. Access the Security Analytics dashboard as explained under Accessing the Security Analytics dashboards.
  2. Click Local in the left navigator to open the page displaying statistics for local login attempts.
  3. In the Search field on the By Role gadget, enter admin and then click Add Filter as demonstrated below.
     
    This results in all the gadgets in the page except the By Role gadget (to which the filter was added) being updated to display only information relating to the admin role. 
  4. To remove a filter already applied to a filter, click the close (i.e. x) sign in the relevant Search field as shown below.
  • No labels