Now, we\u2019ve released the JumpCloud Directory Insights Serverless application<\/a> to further empower JumpCloud administrators to expand the use and duration of their Directory Insights data. Using the power of Amazon Web Services’ Serverless architecture<\/a>, we\u2019ve provided a quick and easy way for JumpCloud admins to deploy the infrastructure required to automatically collect and store their Directory Insights data within their own AWS account.<\/p>\n\n\n\n
Once you provide the application with your JumpCloud API key<\/a>, how often you’d like your data to be collected (and an Organization ID for our MSP clients out there who use the Multi-Tenant Portal), you’ll be able to hit the \u201cDeploy\u201d button. After the application has been deployed, you can sit back and relax with the knowledge that AWS will put in all the heavy lifting by provisioning the required resources. At the end of the deployment process, you will have:<\/p>\n\n\n\n
The application will then run at your specified cadence, gather all of your Directory Insights data since the last time it ran (or since you hit “Deploy” if it is the first time), and package it up nice and neat before sending it to an S3 bucket for safe, long-term storage or for use by other products, such as a log management tool or SIEM. Below, we’ll talk a little bit more about a couple potential use cases for this serverless application.<\/p>\n\n\n\n
A common requisite for many industry standards and procedures is access to logs for a time period greater than the 90 days that an admin is able to access their Directory Insights data in the JumpCloud Admin Portal. Once you’ve deployed this app in AWS, though, you no longer need to worry about regularly backing up your JumpCloud Directory Insights Data \u2014 it will all be waiting for you in an S3 bucket whenever you need it.<\/p>\n\n\n\n
It wouldn’t be a very good “set-it-and-forget-it” solution if you had to check on it regularly to make sure it was doing its job. That\u2019s why all of the runs of this application are logged in CloudWatch, so you can configure whatever sort of reporting you need and receive alerts whenever there\u2019s an issue. We’ve also configured a custom CloudWatch metric to log every time the lambda function triggers and there are no events to collect.<\/p>\n\n\n\n
Another potential use case for the JumpCloud Directory Insights Serverless application would be to facilitate getting that data into a SIEM. Whether you simply want to aggregate all of your logs in one place or you want to configure reporting on the goings-on in your JumpCloud directory, this solution is a great option. The files stored in your S3 bucket are compressed into a JSON file containing all the data for the time period specified. Most SIEM suites should be able to ingest and interact with this sort of file, but each SIEM might handle it a little differently so be sure to check out their documentation first. If your SIEM doesn’t accept this file type, don’t hesitate to let us know via a Feature Request through the JumpCloud Admin Portal<\/a>, and we\u2019ll consider adding other file types.<\/p>\n\n\n\n
Maybe this tool doesn\u2019t fulfill your exact needs, but you\u2019re not quite sure where to start. In addition to providing this tool in AWS’ Serverless Application repository, we have also provided the full, open-source code<\/a> and instructions for how to deploy your own Serverless application on our GitHub repository. If you do use this as a jumping off point and make something incredible, we’d love to hear about it!<\/p>\n\n\n\n
If you don\u2019t yet have Directory Insights enabled for your organization, you can contact your Customer Success representative or get in touch<\/a>. Click here to learn more about getting a 360\u00b0 view of employee activity<\/a> across every endpoint.<\/p>\n","protected":false},"excerpt":{"rendered":"