This documentation is for WSO2 Identity Server 5.7.0 . View documentation for the latest release.

All docs This doc
Skip to end of metadata
Go to start of metadata

Following are the prerequisites that should be fulfilled, in order for the Analytics Dashboard to publish the data processed by WSO2 IS.

Step 01: Download WSO2 IS Analytics

You can either download and build the source code or download the WSO2 IS binary distribution.

The binary distribution contains the binary files for both MS Windows and Linux-based operating systems.

Follow the steps below to download WSO2 IS Analytics binary distribution. 

  1. Go to the WSO2 IS Analytics download page.
  2. Download the WSO2 IS Analytics pack.

    1. To download the pack with updates, click SIGN-IN & DOWNLOAD.  

    2. To download the pack without updates, click DOWNLOAD

    The installation prerequisites for WSO2 IS Analytics is as same as for WSO2 Stream Processor (WSO2 SP). Therefore, for detailed information about the supporting applications you need to install, see WSO2 SP Installation Guide.

Step 02: Enable Analytics in WSO2 IS

Follow the steps below to enable event publishing in WSO2 IS.

  1. Open the  <IS_HOME>/repository/conf/identity/identity.xml  file.
  2. Enable the following listeners.
    • This is the common event listener for all the types of analytics supported in WSO2 IS. 
    • This listener captures all the statistics sent to WSO2 IS Analytics as events, and redirects them to the relevant listener based on their type. 
    • This listener is required to enable both session analytics and login analytics.
    <EventListener type="org.wso2.carbon.identity.core.handler.AbstractIdentityMessageHandler"
                   orderId="11" enable="true"/>
    • Enable this listener, only if you want to analyze statistics relating to logins attempted via WSO2 IS.
    • For more information about this type of analytics, see Analyzing the Local Login Attempts.
    <EventListener type="org.wso2.carbon.identity.core.handler.AbstractIdentityMessageHandler"
                   orderId="10" enable="true"/>
    • Enable this listener, only if you want to analyze statistics for specific sessions in WSO2 IS Analytics.
    • For more information about this type of Analytics, see Analyzing Session Statistics.
    <EventListener type="org.wso2.carbon.identity.core.handler.AbstractIdentityMessageHandler"
                   orderId="11" enable="true"/>

Step 03: Configure Event Publishers

In a fresh WSO2 IS pack, you can view all the event publishers related to WSO2 IS Analytics in the <IS_HOME>/repository/deployment/server/eventpublishers directory.

The required configurations described below are available by default. Thus, follow this section to understand the analytics-related configurations used in the process and do any modifications if required.

WSO2 Analytics presents the login and/or session data published by WSO2 IS. For this, you need to configure the event publishers.

Follow the steps below to configure the event publishers:

  1. Configure the login analytics and session analytics using the following files.

    1. Login analytics<IS_HOME>/repository/deployment/server/eventpublishers/IsAnalytics-Publisher-wso2event-AuthenticationData.xml
    2. Session analytics: <IS_HOME>/repository/deployment/server/eventpublishers/IsAnalytics-Publisher-wso2event-SessionData.xml 

      The configurations for login analytics and session analytics are almost the same except for event streams. This is because the format in which the events are captured for the two analytics are different. For more information event streams, see WSO2 SP Quick Start Guide.

      The event streams that are specified for publishers should not be modified as that would cause errors in the default configuration.

      The common properties that can be configured for event publishers in the files mentioned above are as follows.  

      Adapter PropertyDescriptionConfiguration FileExample
      Receiver URL
      • This captures the target receiver URL to which the WSO2 IS-related information are sent as events.

      • Format:

      • When specifying the thrift port, the default port offsets done for WSO2 IS Analytics should be considered, e.g., if WSO2 IS Analytics was started with a port offset of 1, the thrift port should be 7612 instead of 7611.
      • For high availability scenarios, multiple analytics receivers can be defined by configuring multiple pipe-separated URLs with the format.

      • As per the above configuration, events are published to all the defined receivers. For other ways of configuring the receiver URLs, see Collective Events.
      • For a single analytics receiver: tcp://localhost:7612

      • For multiple analytics recievers:

        <property name="receiverURL">tcp://|tcp://</property>

      • This captures the URL of the authenticator.
      • Format:

      • When specifying the SSL port, the default port offsets done for WSO2 IS should be considered, e.g., if WSO2 IS was started with a port offset of 1, the SSL port should be 7712 instead of 7711.
      • This parameter is not included in the <IS_HOME>repository/deployment/server/eventpublishers/IsAnalytics-Publisher-wso2event-AuthenticationData.xml file by default. When it is not included, the authenticator URL is derived by adding 100 to the thrift port.

      User Name

      • This captures the user name of the listener.

      • If the EnableEmailUserName property in the <IS_HOME>/repository/conf/carbon.xml is set to true, define the user name with the tenant domain.

        <property name="username">[email protected]@carbon.super</property>

        For more information, see Using Email Address as the User Name.

      • This captures the password of the listener.

      • This captures the communication protocol that is used to publish events.

      Publishing Mode
      • This captures the event publishing mode.

        • Non-blocking: This refers to asynchronous publishing.
        • Blocking: This refers to synchronous publishing.
      Publishing Timeout
      • This captures the timeout for the non-blocking publishing mode that is denoted as a positive integer.


Step 04: Change the Admin Password

Follow the steps below to change the admin password.

  1. Navigate to the <IS_HOME>/repository/deployment/server/eventpublishers/IsAnalytics-Publisher-wso2event-AuthenticationData.xml configuration file and update the admin password.

    In a fresh WSO2 IS pack the password will appear in plain text. Once you restart the pack the password gets automatically encrypted.


    statistics="disable" trace="disable" xmlns="">
    	<from streamName="" version="1.0.0"/>
    	<mapping customMapping="disable" type="wso2event"/>
    	<to eventAdapterType="wso2event">
    		<property name="username">admin</property>
    		<property name="protocol">thrift</property>
    		<property name="publishingMode">non-blocking</property>
    		<property name="publishTimeout">0</property>
    		<property name="receiverURL">tcp://localhost:7612</property>
    		<property encrypted="true" name="password">kuv2MubUUveMyv6GeHrXr9il59ajJIqUI4eoYHcgGKf/BBFOWn96NTjJQI+wYbWjKW6r79S7L7ZzgYeWx7DlGbff5X3pBN2Gh9yV0BHP1E93QtFqR7uTWi141Tr7V7ZwScwNqJbiNoV+vyLbsqKJE7T3nP8Ih9Y6omygbcLcHzg</property>

    If you want to change the admin password, include the new password in plain text in WSO2 IS event publishers.

  2. If you created a new keystore for WSO2 IS Analytics, import the public certificate of that keystore to the client­-truststore.jks of the WSO2 IS using the following command. 

    keytool -import -alias <alias> -file <file_name> -keystore client-truststore.jks -storepass wso2carbon

Step 05: Run the Servers

Follow the steps below to run WSO2 IS and WSO2 IS Analytics.

  1. Run WSO2 IS. For detailed instructions, see Running the Product.
  2. Run the WSO2 IS Analytics profiles.

    1. Run the Worker node of WSO2 IS Analytics. For detailed instructions, see WSO2 SP - Starting Worker Node.

    2. Run the Dashboard node of WSO2 IS Analytics. For detailed instructions, see WSO2 SP - Starting a Dashboard Node

  • No labels