In the event of a data breach, no company wants to be left asking, “What happened?”
That’s why event logging has become essential. After a security incident, event logging lets you go back and review user activity. Everything that happens on your internal network — every footstep and fingerprint of a potential perpetrator — is tracked. IT admins can then act like forensic investigators, analyzing the data to identify the cause of the breach.
JumpCloud’s Events Logging gives administrators access to event data and the ability to produce the reporting needed to answer critical questions about user access to resources. The Events API makes it efficient to extract the data and load it into logging analytics systems such as Splunk. This allows you to analyze specific actions that certain users may have performed against your infrastructure.
JumpCloud System Events
JumpCloud captures authentication and other important data related to user access to specific systems. The output shows the originating IP address, user accounts, failure or success codes, and the critical timestamp data.
JumpCloud Administrative Console Events
Event logging captures the changes made by administrators, including any additions, deletions, or modifications, along with the dates and times they were performed.
JumpCloud User Portal Events
As with logs of administrative changes, any changes users make through their portals are captured and stored with precise date and time stamps.
JumpCloud’s Events API outputs its logs in JSON, a common format for structuring data that is widely used for integrating with larger auditing tools and services.
- Captures a wide range of events from user account changes, system changes, script executions, and more.
- API-driven for simple access and integration needs.
- JSON output to ensure seamless integration with wider logging requirements, procedures, and tools.
- Support PCI, HIPAA, SOX, and other compliance requirements, in addition to general reporting needs, with critical employee and resource interaction data.
- Get consolidated data on-demand for operational, compliance, and security issues.
- Increase IT admin productivity and lower costs by reducing logging software installation needs and automating event logging through JumpCloud’s Event Logging API.
To learn more, visit our JumpCloud Events API support documentation.