Activity Reporting
Monitoring Activity
Security activities can be monitored in three ways:
- Trust Lockdown Dashboard
- Syslog Monitoring
- Periodic Reporting
Trust Lockdown Dashboard
The "Groups with Alerts" panel provides real-time monitoring for App Policy Exceptions and Host Activity Alerts for all Security Groups, filtered by Admin Group membership, Security Group Name, and/or Organization Name.
Syslog Monitoring
Syslog events provide input for third-party monitoring tools such as Splunk, Netdata, Prometheus, Zabbix, and Logz.io for monitoring and alerting on App Policy Exceptions and Host Status Change Events.
Periodic Reporting
Weekly, Monthly, and Annual Reports provide data on both events and policy and configuration changes: Activity During the Reporting Period
- Hosts Added
- Security Groups Created
- App Policies Created
- Software Profiles Followed During Period
- Software Profiles Unfollowed During Period
Historical Activity
- Hosts in Security Groups
- Security Groups Status
- App Policies Status
- Software Profiles Followed History
- Software Profiles Unfollowed History
- Application Users (End Users) by Security Group