[aerogear-dev] Keycloak Metrics

Matthias Wessendorf mwessend at redhat.com
Fri Jan 19 04:49:53 EST 2018


On Fri, Jan 19, 2018 at 10:28 AM, Peter Braun <pbraun at redhat.com> wrote:

> I also think that the most obvious metrics are:
>
> * Currently logged in Users
> * Failed login attempts (which could help the customer to configure the
> brute force detection)
>
> Keycloak distinguishes between Users and Clients. Events like Login and
> Logout are available for both. As far as I understand *Clients* are
> applications that delegate to Keycloak to process authentication requests.
> I’m not quite sure what a Client Login then refers to in contrast to a User
> login. Matthias do you know more about this?
>

I think service accounts or something like that - feel free to ask on
#keycloak (IRC) or their ML


>
> As for registrations: is this only counted when a new User in Keycloak is
> created, or also when external services (like Google OAuth, etc.) are used?
> Jose maybe you can try this and check which events are created?
>
> Am 18.01.2018 um 17:27 schrieb Matthias Wessendorf <mwessend at redhat.com>:
>
> there is something regarding brute force detection (e.g. max login
> failures):
> https://github.com/keycloak/keycloak-documentation/blob/
> master/server_admin/topics/threat/brute-force.adoc#
> password-guess-brute-force-attacks
>
> IMO that's also good piece of info
>
> On Thu, Jan 18, 2018 at 5:23 PM, Jose Miguel Gallas Olmedo <
> jgallaso at redhat.com> wrote:
>
>> Hi,
>>
>> So there is a fair amount of possible metrics to get from Keycloak. The
>> most interesting I think are:
>> - Registrations
>> - Total Registrations
>> - Logins
>> - Logins by provider
>> - Total logged in
>>
>> Then there are metrics for reset passwords, confirmation emails, token
>> handling.. But I don't think there is much value on those.
>>
>> What do you think?
>>
>> JOSE MIGUEL GALLAS OLMEDO
>>
>> ASSOCIATE QE, mobile
>> Red Hat
>>
>> <https://www.redhat.com/>
>>
>> M: +34618488633 <http://redhatemailsignature-marketing.itos.redhat.com/>
>>
>> <https://red.ht/sig>
>>
>
>
>
> --
> Project lead AeroGear.org
>
>
>


-- 
Project lead AeroGear.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-dev/attachments/20180119/d8cd7e9c/attachment.html 


More information about the aerogear-dev mailing list