Monitor AuthPoint
Applies To: AuthPoint Multi-Factor Authentication, AuthPoint Total Identity Security
From the Monitor section of WatchGuard Cloud, you can see AuthPoint reports. Select Monitor > AuthPoint to see the Summary page for AuthPoint reports. If you have a Service Provider account, you will see an Overview page with aggregated data for all of your managed accounts. You can select an account to see a summary of the report data for that account and to see specific reports for that account.
Your operator role determines what you can see and do in WatchGuard Cloud. Your role must have the AuthPoint permission to view or configure this feature. For more information, go to Manage WatchGuard Cloud Operators and Roles.
In the Monitor section of WatchGuard Cloud, the AuthPoint Summary page is a dashboard that displays the aggregated data for all report types. Each tile on the Summary page gives an overview of the data for that report type. You can click the title of the tile to see a more detailed report.
WatchGuard Cloud includes these report types for AuthPoint:
User Activity
A bar graph that shows how many times each active user has authenticated, the last time each inactive user authenticated, and how and when blocked users were blocked.
Authentication
A bar graph that shows successful and failed authentication attempts for each user. For each attempt, a list shows the authentication date, the token that was used, the authentication method, and the resource the user authenticated to.
AuthPoint considers authentications that do not have a valid response to be failed authentication attempts. This includes incorrect one-time passwords, incorrect verification codes for QR code authentication, and push notifications that are not valid. AuthPoint does not consider denied push notifications to be failed authentication attempts.
Resource Activity
A bar graph of resources that shows successful and failed authentication attempts for each resource. For each attempt, a list shows which user authenticated, the authentication date, the token that was used, and the authentication method.
Denied Push Notifications
A bar graph that shows a count of how many push notifications have been denied by users.
Activation Activity
Shows a count of how many users have pending tokens and how long the tokens have been pending.
Sync Activity
Shows information about the synchronization of your LDAP database if you have added an external identity.
See Reports
Select a report type from the navigation menu to see that report. When you view a report, you see a graph of the data and a list with additional information. List items with an arrow next to them can be expanded to show additional information.
Some report types are filtered based on selections in the Filter drop-down list. In general, the filter only affects what data is displayed in the list.
- The User Activity report type is filtered by user status (active, inactive, or blocked)
- The Authentication report type is filtered by successful or failed authentication attempts
- The Resource Activity report type is filtered by successful or failed authentication attempts
Click and select a date range to limit the report data to that specific period of time. The default date range is Today, and the current selected date range is always displayed adjacent to the calendar icon.