Skip to main content
Sumo Logic

Install the OneLogin App and view the Dashboards

The Sumo Logic App for One Login helps you monitor the overall health of your OneLogin deployment. Dashboards keep an eye on errors being generated by back-end applications as well as errors generated from ELB instances.

Install the Sumo Logic App

Now that you have set up collection for OneLogin, install the Sumo Logic App for OneLogin to use the preconfigured searches and Dashboards that provide insight into your data. 

To install the app:

  1. Select App Catalog, search for and select the app, and click Add to Library. (In the classic UI, click Library, click Apps, select the app, and click Install. If you don't find the app under Apps, it might be a preview app. Try clicking Preview to find the app.)
  2. Click Preview Dashboards if you'd like to see a preview of the dashboards included with the app before installing.
  3. In the Install Application dialog box, select the installation path (the default is the Personal folder in the library), or click New Folder to add a new folder.
  4. Select either of these options for the log data source.
  • Choose Select from Existing Source Categories, and select the source catalog from the Source Category list.
  • Choose Enter a Custom Data Filter and enter a custom source category beginning with an underscore. Example: (_sourceCategory=MyCategory).
  1. Click Add to Library.

Once an app is installed, it will appear in your Personal folder, or other folder that you specified. From here, you can share it with your organization. See Welcome to the New Library for information on working with the library in the new UI.

Panels will start to fill automatically. It's important to note that each Panel slowly fills with data matching the time range query and received since the Panel was created. Results won't immediately be available, but with a bit of time, you'll see full graphs and maps. 

Dashboards

The Sumo Logic App for OneLogin helps you monitor the overall health of your OneLogin deployment. Dashboards keep an eye on errors being generated by back-end applications as well as errors generated from ELB instances. The OneLogin App offers three dashboards to help you track OneLogin events.

Overview

One Login Overview

Visitor Locations. See the count and location of visitor IP addresses over the last 24 hours on the world map.

Events by App. See events from the last 24 hours by application name in a pie chart and compare app usage.

Logins by Country. See the count of number of logins by country name displayed in a table to get an idea of your visitor traffic by country in the last 24 hours.

Event Outlier Over Time. See the events that fall outside the normal range for the last 24 hours.

Failed Login Outlier. See any logins over the last 24 hours that fall outside the specified failed login threshold.

Successful Login Outlier. See any logins over the last 24 hours that fall outside the specified successful login threshold.

Top 10 Users by Events. View the top 10 users by number of events for the last 24 hours to identify heavy activity.

App Monitoring

OneLogin App Monitoring

Event Distribution by App. See the percentage of events by application in the last 24 hours as a pie chart to identify the event distribution by apps having the most events recently.

Event Distribution by Event ID. See the percentage of each user action by Event ID for the last 24 hours as a pie chart to identify the apps having the most activity recently.

Logins by App. See the percentage of logins by application in the last 24 hours as a pie chart to identify the apps having the most events recently.

Top 10 Provisioning Errors and Warnings. See the top 10 provisioning error messages and warnings issued by OneLogin by count for the last 24 hours.

Failed Actions. See the error descriptions of failed actions and a count of the occurrence for the last 24 hours displayed in a table to identify possible issues.

Security

Security

User Activity. View the count of user activities by username as a bar chart for the last 24 hours as a bar chart to quickly identify unusual user activity.

Password Changes. See the count of password changes by username as a bar chart for the last 24 hours to quickly identify any unusually high numbers of password changes by a particular user.

Logins by Country. View the count of the logins by country in the last 24 hours to identify any unusual activity by country.

Users Created in Apps. See the number of users created in applications in the last 24 hours as a column chart. You can filter by app name to track the count of a particular app.

Assumed Users. View the details such as the timestamp, destination user, notes, source user, and count for the event when one user acted as another user in the last 24 hours.

Failed Logins. See the number of login failures by username in the last 24 hours on a bar chart to identify any unusual activity. You can filter by username as needed.

Successful Logins. See the number of successful logins by username in the last 24 hours to identify any unusual activity. You can filter by username as needed.

User Modifications. See user modifications by timestamp, destination user, source user, notes, and error description for the last 24 hours displayed in  table. You can filter by time, user name, source user, or error description as needed to track unusual behavior.