Document toolboxDocument toolbox

User tab

Owned by Juan Tomás Alonso Nieto (Deactivated)
Jul 06, 2022
4 min read

The User tab shows information about the users that are using the domain and is focused on detecting any suspicious activity from the users' point of view.

This tab is composed of a single section (User info), which includes the following widgets:

Unique users

This widget shows the number of unique user connections to the domain, using the HyperLogLog++ Count Estimation (hllppcount) function over the time interval specified. This information is useful to detect any abnormal activity in the domain connections.

Here are a few tips to get the most out of this widget:

  • Move your mouse over the chart to display a tooltip that contains detailed information about the series plotted in the chart.

  • Click and drag across a section of the chart to zoom to the time period in the chart. Click Reset zoom to go back to the default view.

  • Click a data series in the chart legend to hide or show the series in the chart. 

Users geopositions

This widget shows the geolocations of the users connected to the current domain in the time interval specified, using their public source host IP4. It is useful to detect connections from unusual countries or cities.

Here are a few tips to get the most out of your heatmap widget:

  • Click the color indicators that represent the number of users in an area to zoom into the map. The number of users will be broken down in the corresponding areas as you zoom in.

  • Use the + and - buttons to adjust the zoom level. Alternatively, you can hold the CTRL key and scroll the mouse wheel.

  • Select the button in the top right corner of the map to activate the full-screen mode. Click it again to restore the default view.

  • Apply the Map or Satellite views to the map using the buttons in the top left corner.

  • Click the Google logo to see the area displayed in the map on Google Maps.

User agent info

This table shows the browser and operating system used by the users in a domain to navigate through the application, using the HyperLogLog++ Count Estimation (hllppcount) function over the selected time period. This information can help to detect users accessing the application with an unapproved browser.

Use the Previous and Next buttons at the bottom of the table to navigate through the different table pages.

User logged time

This table shows the count of days and total time users have been logged for the whole specified period.

Use the Previous and Next buttons at the bottom of the table to navigate through the different table pages.

Access to applications

This widget shows a timeline that indicates the number of times users have accessed an application in a domain in the time interval specified. This may be useful to check variations in normal application activity. 

Here are a few tips to get the most out of this widget:

  • Move your mouse over the chart to display a tooltip that contains detailed information about the series plotted in the chart.

  • Click and drag across a section of the chart to zoom to the time period in the chart. Click Reset zoom to go back to the default view.

  • Click a data series in the chart legend to hide or show the series in the chart. 

Top 10 queried tables from web UI

This widget shows the most accessed tables from the search window, and the total number of times they were accessed over the selected period of time. Note that this only takes into account queries performed in the search window, and ignores queries run with the API or in Activeboards.

Here are a few tips to get the most out of this widget:

  • Move your mouse over the chart to display a tooltip that contains detailed information about the series plotted in the chart.

  • Click and drag across a section of the chart to zoom to the time period in the chart. Click Reset zoom to go back to the default view.

  • Click a data series in the chart legend to hide or show the series in the chart. 

Total queries from web UI

This widget shows the total number of queries performed in the search window over the selected period of time. Note that this only takes into account queries performed in the search window, and ignores queries run with the API or in Activeboards.

Here are a few tips to get the most out of this widget:

  • Move your mouse over the chart to display a tooltip that contains detailed information about the series plotted in the chart.

  • Click and drag across a section of the chart to zoom to the time period in the chart. Click Reset zoom to go back to the default view.

  • Click a data series in the chart legend to hide or show the series in the chart.Â