This documentation is for WSO2 Identity Server 5.2.0 . View documentation for the latest release.

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

 

View

(Example)

Description

This gadget provides a list view of login attempts during the selected time interval. Details including the username, service provider, user store, user role, IP, whether the authentication was successful or not and the timestamp are displayed for each login attempt. The login attempts are sorted by the username by default, but they can be sorted by other fields in the ascending/descending order if required.

Info

When a user makes a failed login attempt, the role and the tent domain of the user cannot be identified by WSO2 Analytics unless the user ID is in the <User_STORE>/<NAME>@<TENANT_DOMAIN> format. When the tole and the tenant domain is not identified, NOT_AVAILABLE is displayed in the Userstore column, and the super tenant dominion is displayed in the Tenant Domain column.

e.g., If a login attempt is made using the valid user ID manager and an incorrect password, the data table displays NOT_AVAILABLE in the Userstore column, and carbon.super (i.e., the domain of the super tenant) is displayed in the Tenant Domain column.

If a login attempt is made using the valid user ID SecondaryUserStore/manager@abc.com and an incorrect password, the data table displays SecondaryUserStore in the Userstore column, and abc.com in the Tenant Domain column.

Purpose

This gadget allows you to identify the individual login attempts made during the selected time interval and view detailed information about them.

Recommended Action

Sort the records by each field available in order to identify the login patterns relating to each username, service provider, user store, user role, and IP. Deviations from the identified patterns can help you to detect unusual occurrences.