Subscribe to Help Center RSS FeedJumpCloud Device Monitoring and Alerting provides you the ability to monitor the device fleet and key directory changes in near real time, so you can quickly identify and respond to issues that need attention. The following is a list of commonly asked questions about JumpCloud Alerts.
MacOS, Windows, and Linux devices compatible with JumpCloud Agent are supported. Mobile devices are not currently supported.
Alert frequency depends on specific rule types. Alerts rules based on directory changes or JumpCloud Agent actions are reported immediately, while other system-level checks will occur at regular intervals. The UI provides information about the update interval in the rule details as well as in the alerts generated.
Currently, alerts can be viewed and managed within the admin console only. External notifications like email and slack are on the roadmap for future releases.
Ticketing integrations will be considered for future releases.
Device group targeting differs based on the types of alert rules:
- For alerts based on JumpCloud Agent activity (e.g., command execution, policy application, software installation), the rules automatically target the device or device groups bound with the underlying objects. This means the scope of the rules will be the same as the devices or groups bound to the associated commands, policies, or software deployments.
- For alerts based on other system metrics or state (e.g., disk usage, user-initiated software changes, system availability, etc), you will have the ability to target the rules to specific device groups.
Custom script-based monitoring involves creating specific scripts that can be scheduled to run through the JumpCloud Commands module. Administrators can link these scripts to command-monitoring rules. If a script exits with a non-zero exit code, it triggers an alert. This setup allows for flexible and tailored monitoring rules.
Alerts are triggered only when a policy or script fails for the first time, indicating a change from a previously successful state or a failure on the initial run of a new script/policy. Once an alert has been generated, repeated failures will not produce additional alerts.
While our monitoring provides valuable insights, it's designed as a monitoring and alerting solution rather than a dedicated security tool. It may complement but not fully replace specialized security software.
Alerts are retained for 30 days, irrespective of their Status. After this period, they are removed from the alerts dashboard.
Yes, all changes to alert rules and triggered alerts are logged in Directory Insights under a new service called Alerts. Look for events such as rule_config_created and alert_created, among others.
Yes, you can filter and search for alerts by type, priority, or time range. You can also sort them as needed.
Legacy alerts can be accessed using the Legacy Alerts option at the top right corner of the alerts page.
In this Article
Learn More