<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Jan 19, 2018 at 10:28 AM, Peter Braun <span dir="ltr"><<a href="mailto:pbraun@redhat.com" target="_blank">pbraun@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word;line-break:after-white-space"><div>I also think that the most obvious metrics are:</div><div><br></div><div>* Currently logged in Users</div><div>* Failed login attempts (which could help the customer to configure the brute force detection)</div><div><br></div><div>Keycloak distinguishes between Users and Clients. Events like Login and Logout are available for both. As far as I understand <i>Clients</i> are applications that delegate to Keycloak to process authentication requests. I’m not quite sure what a Client Login then refers to in contrast to a User login. Matthias do you know more about this?</div></div></blockquote><div><br></div><div>I think service accounts or something like that - feel free to ask on #keycloak (IRC) or their ML</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word;line-break:after-white-space"><div><br></div><div>As for registrations: is this only counted when a new User in Keycloak is created, or also when external services (like Google OAuth, etc.) are used? Jose maybe you can try this and check which events are created?</div><div><div class="h5"><div><br><blockquote type="cite"><div>Am 18.01.2018 um 17:27 schrieb Matthias Wessendorf <<a href="mailto:mwessend@redhat.com" target="_blank">mwessend@redhat.com</a>>:</div><br class="m_-5132985938405134954Apple-interchange-newline"><div><div dir="ltr">there is something regarding brute force detection (e.g. max login failures):<div><a href="https://github.com/keycloak/keycloak-documentation/blob/master/server_admin/topics/threat/brute-force.adoc#password-guess-brute-force-attacks" target="_blank">https://github.com/keycloak/<wbr>keycloak-documentation/blob/<wbr>master/server_admin/topics/<wbr>threat/brute-force.adoc#<wbr>password-guess-brute-force-<wbr>attacks</a><br></div><div><br></div><div>IMO that's also good piece of info </div></div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Jan 18, 2018 at 5:23 PM, Jose Miguel Gallas Olmedo <span dir="ltr"><<a href="mailto:jgallaso@redhat.com" target="_blank">jgallaso@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div style="font-family:arial,helvetica,sans-serif;font-size:small"><div>Hi,</div><div><br></div><div>So there is a fair amount of possible metrics to get from Keycloak. The most interesting I think are:</div><div>- Registrations</div><div>- Total Registrations</div><div>- Logins</div><div>- Logins by provider<br></div><div>- Total logged in</div><div><br></div><div>Then there are metrics for reset passwords, confirmation emails, token handling.. But I don't think there is much value on those.</div><div><br></div><div>What do you think?</div><div><br></div></div><div><div class="m_-5132985938405134954m_5168875009413817452gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div style="font-family:overpass,sans-serif;font-weight:bold;margin:0px;padding:0px;font-size:14px;text-transform:uppercase"><span>JOSE MIGUEL</span> <span>GALLAS OLMEDO</span></div><p style="font-family:overpass,sans-serif;font-size:10px;margin:0px 0px 4px;text-transform:uppercase"><span>ASSOCIATE QE, mobile</span></p><div style="font-family:overpass,sans-serif;margin:0px;font-size:10px;color:rgb(153,153,153)"><a href="https://www.redhat.com/" style="color:rgb(0,136,206);margin:0px" target="_blank">Red Hat <span><br><br></span></a></div><p style="font-family:overpass,sans-serif;margin:0px 0px 6px;font-size:10px;color:rgb(153,153,153)"><span href="tel:+34618488633">M: <a href="http://redhatemailsignature-marketing.itos.redhat.com/" style="color:rgb(0,136,206);font-size:11px;margin:0px" target="_blank">+34618488633</a> </span></p><table border="0" style="font-family:overpass,sans-serif;font-size:inherit"><tbody><tr><td width="100px"><a href="https://red.ht/sig" target="_blank"><img src="https://www.redhat.com/profiles/rh/themes/redhatdotcom/img/logo-red-hat-black.png" width="90" height="auto"></a></td></tr></tbody></table></div></div></div></div></div></div></div></div></div></div></div></div></div>
</div>
</blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="m_-5132985938405134954gmail_signature" data-smartmail="gmail_signature"><div dir="ltr">Project lead <a href="http://AeroGear.org" target="_blank">AeroGear.org</a></div></div>
</div>
</div></blockquote></div><br></div></div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr">Project lead AeroGear.org</div></div>
</div></div>