Management¶

Administrators¶

On the Settings > Administrators page, you can search for, add, modify, and disable/enable all administrator accounts.

Currently, there are two types of administrator account roles: Administrator and Developer:

• Administrator: Has all management permissions and can log in to the management backend and DataFlux f(x) development platform.
• Developer: Can only log in to the DataFlux f(x) development platform.

Adding an Administrator¶

On the Settings > Administrators page, click Add Administrator in the top-right corner. In the pop-up dialog box, enter the administrator account information, select role permissions, input the password, and click Confirm to add a new administrator.

Editing¶

On the Settings > Administrators page, click Edit to the right of the account, which will take you to the Edit Administrator Information page. You can modify the administrator account and role permissions here.

Resetting Password¶

On the Settings > Administrators page, click Reset Password to change the password for that administrator account.

Disabling/Enabling Members¶

On the Settings > Administrators page, click Disable or Enable to the right of the account to toggle the account status.

Note: If the currently logged-in account is disabled, the login credentials become invalid, and the user will be automatically logged out of the management backend. They will not be able to log back in until the account is re-enabled.

Basic Information¶

In the Guance management backend Settings > Basic Information page, you can customize settings such as default language, product name, logo, and browser display icons.

Additionally, you can view workspace License information and software details, including service expiration dates, DataKit quantity limits, License version, ownership, and expiration times:

Personal Settings¶

On the Settings > Personal Settings page, you can change the password for the currently logged-in account.

Mapping Rules¶

Guance Deployment Plan supports single sign-on (SSO) via OpenID Connect/OAuth 2.0/LDAP protocols and allows configuring mapping rules for these SSO accounts. After enabling mapping, you can dynamically assign access permissions to employees based on their mapped roles, allowing them to access Guance according to their assigned roles.

Besides configuring mapping rules in the management backend, you also need to configure Keycloak SSO mapping rules. Both configurations must be completed for the mapping rules to take effect.

Application Scope¶

In Management > Mapping Rules, you can choose between First Login Only and Global for the application scope of the mapping rules:

First Login Only

If you enable this option, users logging in via SSO for the first time will be dynamically assigned roles based on the mapping rules and added to the workspace.

Note: Previously logged-in SSO members are not affected by the mapping rules.

Global

If you enable this option, users logging in via SSO will have their current workspace roles revoked and reassigned based on the attributes provided by the identity provider. If no matching rule is found, the user will lose all roles and cannot access the Guance workspace.

Note: Each login involves dynamic role assignment; deleting the corresponding mapping rule in the management backend renders the workspace inaccessible to the user.

Not Enabled: Users logging in via SSO will retain previously assigned roles, unaffected by changes in identity provider assertions.

Adding Mappings¶

After configuring mapping rules, the management backend will add members to the appropriate workspaces and assign roles based on the mappings. In Management > Mapping Rules, click Add Mapping.

In the new mapping dialog box, input the required attribute field and attribute value, select the role, and click Save.

Searching/Editing/Deleting Mapped Roles¶

• Search: Filter mapped roles by workspace, role, attribute field, or attribute value.
• Edit/Delete: Click the Edit/Delete button to the right to modify existing mapped roles. Changes do not affect currently logged-in accounts but will impact future logins.

Audit Logs¶

Navigate to Management > Audit Logs to view all audit events.

Time Widget¶

By default, all audit events are listed. You can add a time range to further filter and refine the list.

Selecting a date range will list all audit events within that period. Default start time 00:00:00, default end time 23:59:59.

• After selecting a time range, click Select Time to customize the time range.
• Click Clear to remove the time filter.

Search & Export¶

Audit Event Details Page¶

Click on a specific event in the list to expand its details page. Here, you can view the attributes and content of the audit event.

Workspace Audit Events¶

You can view audit events for all workspaces.

You can filter events by workspace or time range, or directly input relevant titles and descriptions to search and locate events:

Security Settings¶

Password Rotation Policy¶

To enhance the security of the management backend, Guance Deployment Plan provides a password rotation policy. By default, Password Rotation Policy is Not Enabled.

You can choose a password validity period: 3 months, 6 months, 12 months; default is off.

Note: Seven days before the password expires, you will receive daily reminder emails about the upcoming expiration. You can reset your password via the email. The new password cannot be the same as the current one.

Login Session Management¶

Guance allows unified configuration of login session durations for front-end users. When disabled, front-end workspace members can configure session durations freely; when enabled, they must follow the set duration.

In Login Session Duration, click Modify to adjust the default login session duration, including idle session duration and maximum session duration. After setting, expired sessions will be invalidated.

• Idle session duration: Settable range 30 ~ 1440 minutes, default is 180 minutes.
• Maximum session duration: Settable range 1 ~ 7 days, default is 7 days.

Console/Management Backend MFA Security Authentication¶

Both Guance workspaces and the management backend offer mandatory multi-factor authentication (MFA) to add an extra layer of security beyond username and password. Enabling MFA requires a second verification step during login, enhancing account security.

If you prefer not to use secondary verification, you can check "Exempt from Authentication" to simplify the login process.

• Default: Members can use any authenticator app to complete MFA binding and verification.
• Custom: Members must use a specified app for MFA binding and verification, implemented via DataFlux Func. In custom MFA mode, unbinding MFA simultaneously unbinds Guance side MFA for the account.

Independent Alert Notifications¶

Guance supports sending independent alert notifications without aggregation.

In non-aggregated alert notification mode, alerts are sent every 20 seconds as individual notifications to the corresponding notification targets. You can enable/disable independent alert notifications, configuring whether alerts should be aggregated into a single notification.

Event Link Public Access¶

Alert notifications include jump links that can be publicly shared. Configuring Event Link Public Access allows these links to be accessed without login. Enabling this feature means all workspace-sent alert notification links can be viewed without login. Disabling it revokes access for all historical public links.

Login Method Management¶

Currently, you can log in to Guance console using local accounts, LDAP accounts, or OIDC. Click Modify to manage user account login methods.

• Local Account: Accounts created via Register Guance.
• LDAP Account.

• OIDC: Single sign-on via OpenID Connect protocol. Refer to:

  • Keycloak
  • Azure Active Directory

DataKit Management¶

On this page, administrators can view information about hosts where DataKit has been installed, including run ID, IP address, operating system, hardware platform, count, and DataKit version across different workspaces.

Note: For DataKit running in gateway mode, the "count" does not follow physical counts but adheres to CPU core statistics.

For managing this list:

1. Use dropdown filters for workspaces and DataKit versions.
2. Enter host name, run ID, or IP address in the search bar to locate data.
3. Select "Show Online Hosts Only" and filter hosts by data reporting intervals (last 10, 15, 30 minutes, 1 hour, 3 hours).

4. Export DataKit inventory data for troubleshooting and capacity planning.

5. Adjust displayed columns for specific list information:

Note: If the number of DataKits exceeds the license limit, monitor usage across workspaces. Renewal and additional purchases may be necessary to continue using Guance. Contact your client manager to increase DataKit usage.

Global Configuration¶

Incident Level Management¶

You can manage global incident level configurations for all workspaces from this entry point.

Note: Enabling global configuration overrides workspace-level incident level settings.

Click Add Level, choose a color block, input the level name and description, and confirm to create.

For levels, you can:

1. Edit: Modify the color, name, and description of a custom level.
2. Delete: Remove a level. If this level is used in monitors, smart monitoring, or issue auto-discovery rules, new issues will have an empty level.

Global DCA Configuration¶

DCA is the online DataKit management platform. Here, you can view DataKit runtime status and manage collectors, blacklists, and Pipelines.

Enabling this configuration syncs the DCA address to all workspaces, overriding original workspace DCA addresses.

1. Enable the switch.
2. Input the new DCA URL.
3. Click Confirm.

After enabling the new configuration, clicking "Configure DCA Address" in the workspace will pre-fill with the backend-configured address and prevent editing.

Disabling DCA configuration restores the original DCA settings in workspaces, allowing editing of DCA addresses.