Analytics Server: Dashboard does not show updated information

  • Document ID:7018375
  • Creation Date:09-Dec-2016
  • Modified Date:10-Aug-2017
    • Micro Focus Products:
      Access Manager (NAM)

Environment


NetIQ Access Manager 4.3.x
NetIQ Access Manager Analytics Server

Situation

The Dashboard feature of the Analytics Server (AS) does not show updated information received from the NetIQ Access Manager (NAM) servers it has registered itself with. For example the 'Unique users logged in' count does not increase despite the fact end-users have authenticated to the IDP in order to access a protected resource.
The Report Console of the AS does show that the NAM servers are sending information events to the AS. Also tracing the communication on TCP port 1468 at the AS show data traffic.

Resolution

1) On the AS Report Console click on 'Routing' found in the Toolbar at the top
2) Enable the SyslogRouting feature
3) Click to edit the SyslogRouting
4a) For AS4.3.0 
Set the 'Criteria' value to: (((sev:[0 TO 5]) NOT st:"I" NOT st:"A" NOT st:"P")  AND ("NIDS\: User session was authenticated" OR evt:"NIDS\: Risk based authentication action for user" OR rv40:"002E0606" OR rv40:"002E0525" OR rv40:"002E001F" OR rv40:"002E0029" OR rv40:"002E0514" OR rv40:"002E0102"))
4b) for AS4.3.1 and 4.3.2 
Set the 'Criteria' value to: (((sev:[0 TO 5]) NOT st:"I" NOT st:"A" NOT st:"P")  AND ("NIDS\: User session was authenticated" OR evt:"NIDS\: Risk based authentication action for user" OR rv40:"002E0606" OR rv40:"002E0525" OR rv40:"002E001F" OR rv40:"002E0029" OR rv40:"002E0514" OR rv40:"002E0102" OR rv40:"002E000C"))

Cause

The 'Criteria' value was incomplete and showed only: sev:[0 TO 5]) NOT st:"I" NOT st:"A" NOT st:"P"