We’re now in a work-from-home era. Especially now, IT administrators benefit by having a clear picture of user events and authentications across their environment.
This includes not only authentications to user workstations but also authentications to applications, networks, servers, and other resources, as well as key changes like creating and deleting users. You can use this data to monitor access patterns, troubleshoot access issues, and achieve compliance with regulations and audits.
The key to doing so efficiently is to have your reporting tied directly into your core directory platform and to have event logs automatically exported for storage and analysis. Here’s how to automate reporting across your directory endpoints — entirely from the cloud.
Directory Reporting with JumpCloud
The JumpCloud® Directory Platform is a comprehensive, cloud-based solution to manage user identities, resource access, and devices. Its system agent- and protocol-driven delivery means that you can manage access to macOS®, Windows®, and Linux® devices, RADIUS networks, LDAP-backed resources, web applications, and cloud infrastructure from a single console.
Because this cloud directory platform is uniquely positioned to integrate with virtually all your IT resources, it gives you a good vantage point to monitor activity across your environment, too. Directory Insights™ is a part of the JumpCloud directory platform that returns data about key events, including authentications, user state changes, password changes, and administrator activity.
The data is available in both a graph and a table view, directly in your web-based Admin Portal — as well as JSON and API pulls. For each authentication type, you can track user actions, as well as when, how, and from where they happened.
Customize Your View
You can customize your view of your data by sorting by service (i.e., SSO or LDAP) or event type (i.e., login attempt or admin login attempt). You can also select from dozens of filters for a further customized view.
Data is automatically collected and stored for 90 days in your Admin Portal, but you can also export and analyze it in other tools, such as SIEMs.
Automatically Export Your Data
Using a serverless application in AWS, automatically collect and store your directory endpoint data in a secure S3 bucket. You don’t have to worry about manually exporting and backing up your data from your Admin Portal — the application will do the heavy lifting.
From there, you can build reports for auditors or move your data from there to a SIEM to aggregate your data with any other logs you might have.
Learn More about Integrated Directory Reporting
The following customer use cases will help you learn more about how IT teams put Directory Insights to use in their environments:
- The IT team at Sapling, a people operations platform, uses Directory Insights to monitor user activity, track user access patterns, and verify that new users or existing users who change roles have proper access rights — as well as build reports for regulatory compliance.
- The team at Chase International, a luxury real estate firm, is using Directory Insights data to inform their decision making about if and when to return to working in the office.