Versions Compared

Old Version 7

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The following sections cover the prerequisites that should be completed in order to publish information relating to the processing carried out by WSO2 Identity Server (WSO2 IS) in the Analytics Dashboard of WSO2 Analytics - IS.

...

Enabling analytics for Identity Server

To enable publishing statistics for WSO2 Identity Server in WSO2 Analytics - IS, the following listeners should be enabled in the <IS_HOME>/repository/conf/identity/identity.xml file.

Listenerorg.wso2.carbon.identity.data.publisher.application.authentication.AuthnDataPublisherProxy
PurposeThis is the common event listener for all the types of Analytics supported for WSO2 IS. This listener captures all the statistics sent to WSO2 IS Analytics as events, and redirects them to the relevant listener based on their type. Therefore, this listener is required to enable both session analytics and login analytics.
Configuration
Code Block
languagexml
<EventListener type="org.wso2.carbon.identity.core.handler.AbstractIdentityMessageHandler"
			name="org.wso2.carbon.identity.data.publisher.application.authentication.AuthnDataPublisherProxy"
			orderId="11" enable="true"/>
Listenerorg.wso2.carbon.identity.data.publisher.application.authentication.impl.DASLoginDataPublisherImpl
PurposeThis listener should be enabled if you want to analyze statistics relating to logins attempted via WSO2 IS. For more information about this type of analytics, see Analyzing Statistics for Local Login Attempts.
Configuration
Code Block
languagexml
<EventListener type="org.wso2.carbon.identity.core.handler.AbstractIdentityMessageHandler"
			name="org.wso2.carbon.identity.data.publisher.application.authentication.impl.DASLoginDataPublisherImpl"
			orderId="10" enable="true"/>

  

Listenerorg.wso2.carbon.identity.data.publisher.application.authentication.impl.DASSessionDataPublisherImpl
PurposeThis listener should be enabled if you want to analyze statistics for specific sessions in WSO2 IS Analytics. A session is a time duration between a successful login and and the subsequent log out by a specific user. For more informations about this type of Analytics, see Analyzing Statistics for Sessions.
Configuration
Code Block
languagexml
<EventListener type="org.wso2.carbon.identity.core.handler.AbstractIdentityMessageHandler"
			name="org.wso2.carbon.identity.data.publisher.application.authentication.impl.DASSessionDataPublisherImpl"
			orderId="11" enable="true"/>

Configuring event publishers

Info

The required configuration details described below are available by default. Follow this section to understand the Analytics related configurations used in the process and do any modifications if required.

Configuring event publishers involve providing the information required by WSO2 IS to publish login and/or session data  to the Analytics - IS server in order to analyze the data using the Analytics Dashboard. This configuration is the same for login analytics and session analytics. The differences are as follows.

  • The configuration required for login analytics is located in the <IS_HOME>/repository/deployment/server/eventpublishers/IsAnalytics-Publisher-wso2event-AuthenticationData.xml file. The configuration required for session analytics is located in the <IS_HOME>/repository/deployment/server/eventpublishers/IsAnalytics-Publisher-wso2event-SessionData.xml file.

  • The event streams used for login analytics and session analytics are different because the format in which the events are captured for the two types of analytics are different. For detailed information about event streams, see Understanding Event Streams and Event Tables.

    Note

    The event streams specified for publishers should not be modified because that would cause errors in the existing default configuration.

     

The common properties that can be configured for event publishers in the files mentioned above are as follows.

Adapter Property
Description
Configuration file property
Example
Receiver URL

The URL of the target receiver to which IS related information is sent as events. The format of the URL is as follows.

tcp://<HOSTNAME>:<THRIFT_PORT>

Info

The default port offsets done for WSO2 Analytics - IS server should be taken into consideration when specifying the thrift port. e.g., If the WSO2 Analytics - IS server was started with a port offset of 1, the thrift port should be 7612 instead of 7611.

For high availability scenarios, multiple analytics receivers can be defined by configuring multiple URLs (comma separated) with the format below. 

{tcp://<HOSTNAME>:<PORT>,tcp://<hostname>:<PORT>, ...}

As per the above configuration, events are published to all the receivers defined. For other ways of configuring the receiver URLs, refer WSO2Event Event Receiver page. 



receiverURL

tcp://localhost:7612








for configuring multiple analytics receivers

<property name="receiverURL">tcp://al.km.wso2.com:7614, tcp://al.km.wso2.com:7615</property>



Authenticator URL

The URL of the authenticator. The format of the authenticator URL is as follows.

ssl://<HOSTNAME>:<SSL_PORT>

Info

The default port offsets done for WSO2 IS should be taken into consideration when specifying the SSL port. e.g., If the WSO2 IS server was started with a port offset of 1, the SSL port should be 7712 instead of 7711.

Info

This parameter is not included in the AuthenticationDataPublisher.xml file by default. When it is not included, the authenticator URL is derived by adding 100 to the thrift port.


authenticatorURL

ssl://localhost:7712

User Name

The username of the listener.

Info

If the EnableEmailUserName property is set to true in the <IS_HOME>/repository/conf/carbon.xml, you should define the username with the tenant domain.

e.g., <property name="username">admin@wso2.com@carbon.super</property>

For more information, see Using Email Address as the Username.

username

wso2event-user

PasswordA password for the listener.
password
wso2event-password
ProtocolThe communication protocol that is used to publish events.
protocol
thrift/binary
Publishing ModeThe events publishing mode. Non-blocking refers to asynchronous publishing, and blocking refers to synchronous publishing.
publishingMode
non-blocking/blocking
Publishing TimeoutA positive integer to denote the timeout for the non-blocking publishing mode.
publishTimeout
0

Configuring audit data publishers

This section describes how you can configure user-operations audit data publishers and identity-properties-update audit data publishers in WSO2 Identity Server.

Tip
titleBefore you begin

Deploy the common artifacts. To do this, copy the org.wso2.carbon.identity.data.publisher.audit.common-x.x.x.jar file from the  <IS_HOME>/repository/components/plugins/ directory to the  <IS_HOME>/repository/component/dropins/ directory.

Follow the below steps to configure user-operations audit data publishers:

  1. Copy the org.wso2.carbon.identity.data.publisher.audit.user.operation-x.x.x.jar file from the <IS_HOME>/repository/components/plugins/  directory to the  <IS_HOME>/repository/component/dropins/ directory.
  2. Copy the org.wso2.is.analytics.stream.OverallUserData_x.x.x.json file from the  <IS_HOME>/repository/components/features/org.wso2.carbon.identity.data.publisher.audit.user.operation.server_x.x.x/  directory to the  <IS_HOME>/repository/deployment/server/eventstreams/ directory.

  3. Add the following lines to <IS_HOME>/repository/conf/identity/identity-event.properties file.

    Code Block
    module.name.13=userOperationDataDASPublisher
userOperationDataDASPublisher.subscription.1=POST_UPDATE_CREDENTIAL
userOperationDataDASPublisher.subscription.2=POST_UPDATE_CREDENTIAL_BY_ADMIN
userOperationDataDASPublisher.subscription.3=POST_ADD_USER
userOperationDataDASPublisher.subscription.4=POST_DELETE_USER
userOperationDataDASPublisher.subscription.5=POST_SET_USER_CLAIMS

Follow the below steps to configure identity-properties-update audit data publishers

...

Copy the org.wso2.is.analytics.stream.IdPPropertiesUpdate_1.0.0.json file to the  <IS_HOME>/repository/deployment/server/eventstreams/ directory.

...

Copy the IsAnalytics-Publisher-wso2event-IdPPropertiesUpdate.xml file to the  <IS_HOME>/repository/deployment/server/eventpublishers/ directory.

Add the following lines to <IS_HOME>/repository/conf/identity/identity.xml file under the <EventListeners> tag.

...

languagexml

...

Viewing event publishers and changing the admin password

...