Use case is to find out the most launched application ( last 30 days) and within that find the Person who used/launched  that application with existing tools. 

Prerequisites   :           

  1. Need to have Analytics Entitlement.
  1. If you do not see one please request one from your account representative.
Read more...

Analytics- How to use Centrify Analytics Engine

By Centrify Contributor I on ‎03-25-2017 07:25 PM - last edited ‎05-02-2017 11:26 AM

 

Prerequisites   :           

 1.   Need to have Analytics Entitlement.

  1. If you do not see one please request one from your account representative.

Pic-1.png

Centrify Analytics engine uses machine learning ( User behavior and pattern discovery )to detect user anomalies/activities and generate alerts. The Administrator can then use the “Insights” Tool” to have a dashboard view , if you need to drill into a particular data set from the dashboard that information opens in the “Explorer” view.

pic-1-a.png

Let’s get started .

 

  1. Once you open the “Analytics Portal” you will be presented with “Default Dashboards”
  2. There are 7 out of the box dashboards as we write this document
  3.  Apps ,Endpoints,MFA,Resources,Risk,User,User Experience
  4. pic-1b.png
  5. You can also create “Custom Dashboards” of your own or Import a Dashboard of particular interest shared by your colleagues from the menu shown.
  6. pic-2.png
  7. Let us take the “Apps” insights Dashboard : This dashboard Shows applications related data for users who accessed the Centrify Identity Platform. This dashboard is pre-populated using specified filters and queries
  8. pic-3.png
  9. For each data point within a dashboard, you can perform more tasks, such as    
    1. Events configurator - Shows the filters and other data used to generate the widget
    2. Expand/collapse the query window
    3. Delete the widget from the dashboard
    4. Drill into the data by clicking the widget. Opens in the Explorer view.
  10. You can add new “Widget” as shown
  11. pic-4.png
  12. Click on “Apply” once you have added the new Widget to your “Insights DashBoard”
  13. This now will give you the “Geo Location” of the App users .
  14. pic-5.png
  15. pic-6.png
  16. Once you want to drill into a query from the “Insights Dashboard” this will open in the “Explorer View”
  17. Below is a sample query for O365 application launch on 3-16-2017
  18. pic-6b.png
  19. pic-7.png
  20. You can always drill into more details of a specific data point you are interested in by
    1. Manually editing the SQL query string
    2. Manage and view default and customized queries
    3. Add more filters and data points to your query based on the existing criteria
  21. While analyzing a query on the Explorer page, you can also filter data by specific event types as shown
  22. pic-8.png
  23. This is how you can start analyzing and exploring data using Centrify Identity Analytics for endless possibilities.
  24. Please also take a look at How to Configure Risk Based Access Control - Using Analytics

    http://community.centrify.com/t5/Centrify-Identity-Service-App/How-to-Configure-Risk-Based-Access-Co...

 

How to Configure Risk Based Access Control - Using Analytics

By Centrify Contributor I on ‎03-25-2017 08:55 AM - last edited ‎05-02-2017 11:27 AM

Prerequisites   :              

1.    Need to have Analytics Entitlement.

  1. If you do not see one please request one from your account representative.

Pic-1.png

 

  1. Creating Authentication Profiles
  2. Log in to Admin Portal , Click Settings > Authentication
  3. Click Add Profile on the Authentication Profiles page
  4. Pic-2.png
  5. Select the authentication mechanism per your requirement and save the profile.
  6. Creating Authentication Rules
  7. Log in to the Admin Portal
  8. Click Policies and select the policy you want to edit or click "Add Policy Set" to create a new one
  9. Pic-3.png
  10. Under Security Policies > Login Authentication Select “Yes” in the “Enable authentication policy controls drop-down”.
  11. Pic-4.png
  12. Click on Add Rule, under “authentication Rule” define the conditions based on “Risk Level” filter and condition using the drop-down boxes as shown.
  13. Pick the “Authentication Profile” from the drop down you have created in Step-1 you want to apply if all filters and conditions are met in the “Authentication Rule”
  14. Pic-5.png
  15. You can define the authentication challenge requirements based on user risk levels “Low”, Medium” and “High” , For example, a user attempting to log in to a Centrify Identity Platform service (i.e. an application, user portal, etc.) from an unfamiliar location , the user can be prompted for an “authentication challenge” because the “Authentication Rules/ condition correlates with a medium risk level. When this same user attempts to log in from a familiar location, he is only prompted to enter a password. You can configure these requirements using authentication rules and authentication profiles in Admin Portal as shown above.

 

Showing results for 
Search instead for 
Do you mean 
Labels

Community Control Panel