Directory Insights (DI) is JumpCloud's event logging and compliance feature. Directory Insights shines a light on audit trails leading up to critical events so you know the what, where, when, how, and who of your directory activities.
You can use our RESTful API, PowerShell Module, and Administrator Portal to access event logs, see activity happening in your directory, and monitor user authentications to the User Portal, SAML SSO applications, RADIUS, and LDAP.
Directory Insights supports events from the following JumpCloud services and logs the following information:
- Directory Events – activity in JumpCloud Portals, including admin changes in the directory and admin / user authentications to the Admin and User Portals.
- Software (SAML) Events – user authentications to SAML applications.
- RADIUS Events – user authentications to RADIUS used for WiFi and VPNs.
- Systems (MacOS, Windows, and Linux) Events – user authentications to devices, including agent-related events on lockout, OS upgrades and rollback events, password changes, and File Disk Encryption. Only SSH login events are logged for Linux devices.
- LDAP Events – user authentications to LDAP, including LDAP bind and search event types.
- MDM Events – MDM command results.
- SSO – when an authorized SSO connector is created, updated, or deleted, as well as when a user authenticates to an SSO application.
- Password Manager – invites, activations, and deactivation of users, as well as all events related to folders and their members, including their assigned permissions.
Enabling Directory Insights
Directory Insights is included in some of our package plans. See JumpCloud Pricing for information on our package plans. To enable Directory Insights for your account, current customers can contact us at [email protected]. New customers can contact us at [email protected].
Once this is available for your account, learn how to enable it in your Admin Portal in Settings in the Admin Portal - Directory Insights.
Querying Directory Insights Data
Viewing and Exporting Directory Insights Data
You can view Directory Insights data in the Administrator Portal from Insights > Directory. Learn about viewing and exporting data in the View the DI Data Activity Log.
Directory Insights Data Retention
JumpCloud stores 90 days of event logs and removes logs older than 90 days. If you want to store data for longer periods of time, our AWS Serverless Application automatically exports Directory Insights events to a customer's S3, where you have options to store events for more than 90 days. See our API docs for more information.