Contact Us
Help Center Home > Alerts > Create an Insights Rule

Create an Insights Rule

You must set up an insights rule to select the events for which notifications will be sent via notification channels. 

To create an Insights Rule, follow these steps:

  1. Login to the JumpCloud Admin portal.
  2. To view the alerts console, you can do any of the following:
    • In the left navigation pane, go to Insights > Alerts.
    • On the home page, scroll down to the Open Alerts widget and click Go To Alerts Dashboard.
    • Click the Alerts (bell) icon on the top navigation bar.
  3. Click Rules to view the dashboard.
  4. Click +Rule. This will take you to the Rule Management section with all the predefined rule templates.
  5. Go to the Insights tab and click Rule For Event Based Alerts. You can also type the rule name in the Search bar.
  6. Leave the Enabled button as is to activate the rule immediately after saving. You can switch the button to Disable if you prefer. 
  7. Provide Rule Details:
    1. Rule Name: Enter a clear and concise name for your rule.
    2. Description: Document the purpose of the rule in the description field.
  8. In the Conditions section, select the events for which you want to send notifications.
    • You can use the Show Selected Events checkbox to view all the selected events at one go.
  9. Use the Priority dropdown to assign a priority level to the rule. This helps prioritize alerts and manage responses according to the severity of the issue. These options are available:
    • Low - Select this for alerts that are neither urgent nor highly important. They should receive fewer resources and can usually wait until they become more urgent.
    • Medium- Select this for alerts that are urgent but less important. They should receive a moderate allocation of resources.
    • High - Select this for alerts that are important and require immediate attention. They should receive the most resources to ensure they are addressed promptly.
  10. In the Alert Actions section, enable Send Notifications.
  11. Search and select the channels that you want to send notifications to.
  12. Additionally select the checkbox for each action to send notifications to the selected channels:
    • Alert Resolution: Email all users in the selected channels when an alert from this rule is resolved.
    • Alert Acknowledgement: Email all users in the selected channels when an alert from this rule is acknowledged.
  13. Click Save.

The rule will be activated and added to the Rules dashboard. If you want to Disable the rule or make any other modifications, see Use the Rules Dashboard to learn more. 

Once the rule is saved, every time the event selected in the Condition section occurs, an alert will be generated and the selected channels will receive notifications. You can view the alerts in the Alerts Dashboard. See Use the Alerts Dashboard to learn more about alerts.

You can go back to the webhook to verify the mapping in the Rules tab within the webhook channel.

Events: Insight Alerts

There are a number of events recorded in Directory Insights related to alerts and webhooks. Reference the table below for the Event Type and Description of the event as captured in Directory Insights. For more information on using Directory Insights, see View the Directory Insights Data Activity Log.

The following is a list of events that you see related to Insight Alerts.

Insight Alert Events

Event Type Description
access_management_access_request Access Management request is created.
admin_lockout An admin account is locked due to multiple login failures.
admin_password_reset_request An admin requests to reset their password.
admin_totp_disable An admin's TOTP requirement is disabled.
admin_update An admin account is updated.
association_change A user or device association / membership is updated.
device_enrollment A device is enrolled with Microsoft MDM.
passwordmanager_backup_key_regenerate A new backup key is generated.
passwordmanager_backup_request A cloud backup request is created.
saas_management_application_discover A SaaS Management application is discovered.
system_create A device is added.
system_fde_key_decrypt A device's full disk encryption key was decrypted.
system_fde_key_update A system's full disk encryption key updates.
user_activated A user account is activated.
user_admin_granted Admin granted user admin sudo privileges on device(s).
user_create_provision User created in an external application.
user_delete_provision User deletion in an external application has failed.
user_deprovision User deprovisioning in an external application has failed.
user_group_admin_grant Administrator access granted.
user_lockout A user account is locked out.
user_mfa_exclusion_expired User's MFA enrollment expires.
user_password_expired User's password expires.
user_password_reset_request User requests to change their password.
user_suspended A user account is suspended.
user_update_provision User update in an external application has failed.
Back to Top

List IconIn this Article

Notebook IconLearn More

Create Webhook Channels

Manage Webhooks

FAQ: Webhook Channels

Get Started: Alert Notifications

Configure Rules for Device Monitoring and Alerting

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case