Generating a token activity report

Edit online

You can generate reports to show the token activity in your IBM® Verify tenant.

Before you begin

  • You must have administrative permission or be a member of the helpdesk group to complete this task.
  • Log in to the IBM Verify administration console as an Administrator.

About this task

The reports provide the following individual user activity information:
Table 1. Individual activity information
Information Attributes Descriptions
Client name/ID
  • data.client_name
  • data.client_id
 The client name or ID of the token that is generated, revoked, or introspected.
Authentication client
  • data.auth_client_name
  • data.auth_client_id
 Identifies the authentication client,
Action data.action The action performed on the token.
Client IP data.origin The IP address of the device that made the token request.
Result data.result Success or failure.
Time Stamp time When the authentication request was made.
Location
  • geoip.region_name
  • geoip.country_iso_code
 The geographical location, region and country, where the authentication request was made.
Note: The region might not display accurately because of the way your network is configured. This is a known limitation.
Note: Transient events are no longer reported in authentication activity details. Transient events are reported in MFA reports only.

Procedure

  1. Select Reporting & diagnostics > Reports.
  2. Select the Token Activity report tile.
    It shows the token activity for the past 24 hours.
  3. Select the View Report link on the Token Activity tile.
    The summary report for the current day displays
    • The number of successful tokens that were issued.
    • The number of tokens that were revoked.
    • The number of tokens that were introspected.

    A scalable graphical representation of the number of successful tokens that were issued for the selected time period is displayed. The time period can be up to 90 days. The graph scale is based on the data sets and the time is displayed as local time. You can download a CSV summary of the activity by clicking the Table of contents icon.

  4. Optional: Select Filters to filter the results.
    You can modify the report by using filters.
    Identity
    Filter selections are username and realm.
    Source
    Filter selections are client IP and location .
    Event Details
    Filter selection are event type, client name, client type, action, result, authentication client name, and authentication rotated secret.
    You can use any combination of filters to refine your results. Select Apply filters to modify the report. The selected filters are displayed above the graph. You can clear the filters by Selecting the Reset link.
    Note: The search fields are case-sensitive.
  5. Change the date range for the report.
    Select the From and To dates to display the calendar drop downs and select the dates for the report. You can't go back more than 90 days.
    Note: The To date cannot exceed the current date.
  6. Select Run Report.
    The Report information is refreshed.
  7. Optional: Generate a CSV file for the report.
    1. Click Generate CSV.
    2. Follow the directions in Downloading a CSV report.