Real-Time Monitoring Using Activity Monitors

You can use Activity Monitors to view RSA Authentication Manager activity, such as log entries, in real time. There are three Activity Monitors, each of which opens in a separate browser window and displays a different type of information.


Information Displayed

Authentication Activity

  • Which user is authenticating

  • Source of the authentication request

  • Server used for authentication

System Activity

  • Time of an activity

  • Description of activity

  • Whether the activity succeeded

  • Server where the activity took place

Administration Activity

Changes such as when users are added or deleted.

Runtime Activity Monitor in the User Dashboard

  • Log entries for real-time authentication activity over the past seven days for one user

  • Time of activity, result of activity, and description of activity

You can customize the information displayed. For example, you can use the Administration Activity Monitor to view the activity of a specific administrator, User ID, authentication agent, or security domain. You can run a command-line utility that restricts the events shown to only the activities that are within the scoped security domain of the administrator. For instructions, see Filter Activity Monitor Events Based on Administrator Scope of Authorization.

You can open multiple Activity Monitor windows at the same time. For example, you can simultaneously monitor a specific administrator, an entire user group, and an entire security domain.

You can pause the Activity Monitor and review specific log messages. When you resume monitoring, all log messages generated while the Activity Monitor was paused are added at the top of the Activity Monitor display.

If the number of new messages exceeds the number of messages selected for display, only the most recent are displayed. For example, if you configured the monitor to display 100 messages, but there are 150 new messages, only the 100 most recent are displayed.

You can also view a user’s authentication activity through the User Dashboard page in the Security Console. For more information, see User Dashboard.