JumpCloud Device Monitoring and Alerting provides you the ability to monitor the device fleet and key directory changes in near real time, so you can quickly identify and respond to issues that need attention. The following is a list of commonly asked questions about JumpCloud Alerts.<\/p>\n\n\n\n
MacOS, Windows, and Linux devices compatible with JumpCloud Agent are supported. Mobile devices are not currently supported. <\/p>\n<\/div><\/div><\/div>\n\n\n\n
Alert frequency depends on specific rule types. Alerts rules based on directory changes or JumpCloud Agent actions are reported immediately, while other system-level checks will occur at regular intervals. The UI provides information about the update interval in the rule details as well as in the alerts generated.<\/p>\n<\/div><\/div><\/div>\n\n\n\n
Currently, alerts can be viewed and managed within the admin console only. External notifications like email and slack are on the roadmap for future releases.<\/p>\n<\/div><\/div><\/div>\n\n\n\n
Ticketing integrations will be considered for future releases.<\/p>\n<\/div><\/div><\/div>\n\n\n\n
Device group targeting differs based on the types of alert rules:<\/p>\n\n\n\n
Custom script-based monitoring involves creating specific scripts that can be scheduled to run through the JumpCloud Commands<\/strong> module. Administrators can link these scripts to command-monitoring rules. If a script exits with a non-zero exit code, it triggers an alert. This setup allows for flexible and tailored monitoring rules.<\/p>\n<\/div><\/div><\/div>\n\n\n\n Alerts are triggered only when a policy or script fails for the first time, indicating a change from a previously successful state or a failure on the initial run of a new script\/policy. Once an alert has been generated, repeated failures will not produce additional alerts.<\/p>\n<\/div><\/div><\/div>\n\n\n\n While our monitoring provides valuable insights, it’s designed as a monitoring and alerting solution rather than a dedicated security tool. It may complement but not fully replace specialized security software.<\/p>\n<\/div><\/div><\/div>\n\n\n\n Alerts are retained for 30 days, irrespective of their Status<\/strong>. After this period, they are removed from the alerts dashboard.<\/p>\n<\/div><\/div><\/div>\n\n\n\n Yes, all changes to alert rules and triggered alerts are logged in Directory Insights<\/strong> under a new service called Alerts<\/strong>. Look for events such as rule_config_created<\/code> and alert_created<\/code>, among others.<\/p>\n<\/div><\/div><\/div>\n\n\n\n