Changing security settings for an Analyzer
In a Real User Analyzer, a Security user can enable or disable security features for services.
To configure the following security features for services, point to Administration > Security settings and click Services.
- SNMP — When SNMP is enabled, you can configure the system as a managed network device that sends SNMP traps.
- Configuration API access — When configuration API access is enabled, you can configure the Watchpoints and custom fields via the Configuration API in addition to the web interface.
- Alerts — When incident and error alerts are enabled, you can configure the system to send alerts via email to recipients when certain events occur.
- Secure REST APIs — When Secure REST APIs is enabled, you can use the rest call API in a secure (HTTPS) or non-secure mode (HTTP). If it is disabled, you can only use the the rest call API in a secure (HTTPS) mode.
The storage of raw site traffic data — When the data storage is enabled, the system stores data about individual hits, pages and sessions to support drilling down and export functionality in the Session Browser.
Enabling or disabling session data storage does not impact other features, such as reports, Watchpoint streaming, and bulk data export.
Disabling this feature might increase the system performance.
Disabling this feature prevents any further data from reaching the Session Browser and renders the data storage configuration irrelevant.
- Launching URLs in a browser window from the Session browser — When the URL launch feature is enabled, users can launch URLs from monitored traffic displayed in the web interface of the system.
- A prelogin message — When the prelogin message is enabled, the system displays a custom message on the logon page.
To customize this message, click Edit on the Action menu for Pre-login message. Maximum length of the message is 1024 characters, HTML is not allowed.
Automatic page reload — When automatic page reload is enabled, some pages automatically reload themselves after a predefined interval. This function is useful if you want to monitor data in near-real time without manually refreshing the page repeatedly.
The automatic page-reload function might prevent inactive user sessions from timing out.
- Inactive session timeout period — Click Edit on the Action menu for Inactive session timeout period.
- Minimum: 5 minutes
- Maximum: 48 hours
- Bulk data export — When bulk data export is enabled, external applications can use the system as a source for data mining, warehousing, and other integrations (via HTTPS interfaces).
- Watchpoint streaming — When enabled, external applications can tap directly into the system data-processing engine to receive real-time data feeds.
Nonsecure data transfer — By default, URL-based data exports (whether for export APIs or for Watchpoint streaming) use a secure connection (HTTPS). When nonsecure data transfer is enabled, you can specify that the actual data delivery might use a nonsecure connection (HTTP) to achieve faster transfer rates with minimal impact on the system.
A request for nonsecure delivery is still required to perform authentication using a secure connection. The nonsecure data transfer flag is limited to allowing the actual delivery to be nonsecure.