Our customers often ask us, is Directory Insights™ just logging? The short answer is that Directory Insights is far more than just event logs. Read on to learn more about this feature and why it’s unlike any directory event logging tool you’ve used.
Why Directory Insights?
Many IT administrators and managed service providers (MSPs) need visibility across their organization’s devices, identities, and resource access controls for monitoring, security, and meeting compliance. Often, this visibility comes in the form of event logging data captured by their directory service or other identity management solutions.
As a directory platform, JumpCloud provides many services through a single solution — covering cloud RADIUS, LDAP, SSO, MDM, and others — each with a different type of log format with varying levels of detail. While an admin can figure out what’s going on with a particular user on a particular service, a broader level of understanding over their cloud directory platform as a whole is needed. Given the breadth of user actions and resources you can authenticate to with JumpCloud, how this data is presented is what matters most for informed decisions.
You may have used other log analysis and management solutions for directory data. Many of those solutions are expensive and challenging to implement due to a great deal of integration requirements. The log for each authentication protocol or service needs to be custom fed into the analysis solution, taking up admins’ time. We didn’t want to force our customers to have to go through that expense and hassle to understand at a deep level what their users were accessing, when, how, and where – which they absolutely need to know.
After all, identity and access data sits at the core of every organization’s most critical operational data — by creating a database of each customer’s directory platform data, we could provide far more insights than just handing out raw log files.
So, we decided that we would build our own solution that would provide much deeper insights across users, organizations, services, and more. The idea was to leverage the raw event logs as the base, but enrich that raw data with a number of other data points, then sessionize the data through post-processing, and allow for a wide range of analysis. In short, we would convert the raw logs into database events that could be queried in real time.
What Directory Insights Provides
The Directory Insights architecture ensures that we can take in events from anywhere in our platform — including authentication events through various protocols, system authentication events, end user changes to their identity and attributes, and admin changes. Virtually anything that is happening across our platform is tracked through Directory Insights in order for admins to have full visibility of their identities and how they are being used.
Ultimately, through the use of Directory Insights, IT admins and MSPs can prevent identity compromises and breaches, support compliance and policy initiatives, and troubleshoot operational problems. Although raw event logs form the basis for those activities, they are hardly possible without all of the post-processing that is done through Directory Insights, making it much more than a simple logging tool. We want to provide our customers with insights and actionable information, not just data points, which is why we challenge the description of Directory Insights as just logging.
Try Directory Insights for Free
The perspective, though, is ultimately yours. That’s why we offer all of our JumpCloud Free accounts our premium services such as Directory Insights and System Insights™ as well. Try it out for free and see what you think. Please let us know as well – we always appreciate the feedback.