The following sections explain how to access the Security Analytics dashboard to view statistics relating to authentication activities and sessions, and functions common to all the pages in this dashboard.
Accessing the Analytics Dashboard
Follow the procedure below to access the Analytics Dashboard to view statistics relating to security analytics.
The Analytics Dashboard cannot be viewed using the Internet Explorer 10 and older versions.
Log into the WSO2 Analytics -IS Management Console using the following URL.
- In the Main tab, click Analytics Dashboard. Log into the Analytics Dashboard by entering your credentials in the login dialog box that appears. The following dashboard is displayed by default.
Click View to open the IS Analytics dashboard. The Security Analytics dashboard is displayed as shown in the example below.
This page displays a summary of overall login attempts, local login attempts and federated login attempts as shown above.
- If you want to view information relating to overall login attempts, click OVERALL in the left navigator to open the page with the relevant statistics. The same page can be opened by clicking See More under Overall Login Attempts. For detailed information about analyzing overall login attempts, see Analyzing Statistics for Overall Login Attempts.
- If you want to view information relating to local identity providers, click LOCAL in the left navigator. The same page can be opened by clicking See More under Local Login Attempts. For detailed information about analyzing local login attempts, see Analyzing Statistics for Local Login Attempts.
- If you want to view information relating to federated identity providers, click FEDERATED under the LOGIN ATTEMPTS in the left navigator. The same page can be opened by clicking See More under Federated Login Attempts. For detailed information about analyzing federated login attempts, see Analyzing Statistics for Federated Login Attempts.
If you want to view information relating to sessions, click SESSIONS in the left navigator. For detailed information about analyzing sessions, see Analyzing Statistics for Sessions.
Using the Security Analytics dashboard
The following sections explain common functions of the Security Analytics dashboard.
Viewing statistics for a selected time interval
At any given time, each page in the dashboard displays the statistics for a selected time interval.
- If you want to view statistics for a pre-defined time interval, click on the relevant time interval (e.g., Last 24 Hours).
- If you want to define a custom time interval, click Custom and select the start and end dates of the required time interval in the calendar that appears. Then click Apply.
WSO2 IS Analytics summarizes login and session statistics for every minute.
The table below illustrates the number of sessions terminated during the minute 21.19 - 21.20.
According to this table, a new session has started and then been terminated within the 21.19 - 21.20 time bucket. This new session is not counted as an active session for the 21.19 bucket because it was terminated within the same minute.
Working with filters
The Security Analytics dashboard allows you to add filters that allow you to update multiple gadgets in a given page to display information relating to a selected criteria.
A filter can be added only to gadgets with a Search field together with the Add Filter button.
- Access the
Security Analyticsdashboard as explained under Accessing the Security Analytics dashboards.
- Click Local in the left navigator to open the page displaying statistics for local login attempts.
- In the Search field on the By Role gadget, enter
adminand then click Add Filter as demonstrated below.
This results in all the gadgets in the page except the By Role gadget (to which the filter was added) being updated to display only information relating to the
- To remove a filter already applied to a filter, click the close (i.e. x) sign in the relevant Search field as shown below.