Get Started: Directory Insights

Directory Insights (DI) is JumpCloud's event logging and compliance feature. Directory Insights shines a light on audit trails leading up to critical events so you know the what, where, when, how, and who of your directory activities.

You can use our RESTful API, PowerShell Module, and Administrator Portal to access event logs, see activity happening in your directory, and monitor user authentications to the User Portal, SAML SSO applications, RADIUS, and LDAP. 

Directory Insights supports events from the following JumpCloud services and logs the following information:

  • Alert Events – creation and status updates of alerts in JumpCloud.
  • Directory Events – activity in JumpCloud Portals, including admin changes in the directory and admin / user authentications to the Admin and User Portals. 
  • Software (SAML) Events – user authentications to SAML applications.
  • RADIUS Events – user authentications to RADIUS used for WiFi and VPNs.
  • Systems (MacOS, Windows, and Linux) Events – user authentications to devices, including agent-related events on lockout, OS upgrades and rollback events, password changes, and Full Disk Encryption. Only SSH login events are logged for Linux devices. 
  • LDAP Events – user authentications to LDAP, including LDAP bind and search event types.
  • MDM Events – MDM command results.
  • Managed Service Provider Events – activity in JumpCloud Multi-Tenant Portal (MTP) including admin changes, organization changes, and integration events (MTP only).
  • SSO – when an authorized SSO connector is created, updated, or deleted, as well as when a user authenticates to an SSO application.
  • Password Manager – invites, activations, and deactivation of users, as well as all events related to folders and their members, including their assigned permissions.
  • Object Storage – creation, uploads, URL generation, and deletion of custom software apps.

Enabling Directory Insights

Directory Insights is included in some of our package plans. See JumpCloud Pricing for information on our package plans. To enable Directory Insights for your account, current customers can contact their Account Manager. New customers can contact us at [email protected].

Once this is available for your account, learn how to enable it in your Admin Portal in Settings in the Admin Portal - Directory Insights

Querying Directory Insights Data

After Directory Insights is enabled for your account, you can use the JumpCloud API and JumpCloud PowerShell Module to query and report Directory Insights information.

Viewing and Exporting Directory Insights Data

You can view Directory Insights data in the Administrator Portal from Insights > Directory. Learn about viewing and exporting data in the View the DI Data Activity Log.

Directory Insights Data Retention

JumpCloud stores 90 days of event logs and removes logs older than 90 days. If you want to store data for longer periods of time, our AWS Serverless Application automatically exports Directory Insights events to a customer's S3, where you have options to store events for more than 90 days. See our API docs for more information.

Back to Top

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case