> On Jul 28, 2016, at 10:51 AM, Damianos Metallidis <[email protected]> > wrote: > > In reality i am searching for a way to monitor authentication and access on > services/application that could be widely adaptable. Authentication for me > was just a simple check so i am fine with it and how to report it. > > The access monitoring control has put me into thoughts cause i need to define > metric/s of that type (being widely adaptable), but the thing is that the > community is full of services and applications and i am not sure how such a > metric is of importance in a monitoring system. > From the other hand perhaps i could refer for accessing only for RBAC > services/application starting from fortress.
Interesting idea but leads to so many questions. Is there an overview / description of this activity that can provide more details? I ask because, as I’m sure you know, there are so many ways to apply authorization inside of applications. Declarative or programmatic apis. Coarse, medium and fine-grained controls. And what types of metrics are you trying to gather here? Details about the subject, resource being targeted, date/time, or response times / throughput? What are the requirements for gathering the data - performance monitoring or security audit? Maybe if I understood a little better I could point you in the right direction. Thanks, Shawn
