Skip to content

Activity Reporting

Monitoring Activity

Security activities can be monitored in three ways:

  • Trust Lockdown Dashboard
  • Syslog Monitoring
  • Periodic Reporting

Trust Lockdown Dashboard

The "Groups with Alerts" panel provides real-time monitoring for App Policy Exceptions and Host Activity Alerts for all Security Groups, filtered by Admin Group membership, Security Group Name, and/or Organization Name.

Syslog Monitoring

Syslog events provide input for third-party monitoring tools such as Splunk, Netdata, Prometheus, Zabbix, and Logz.io for monitoring and alerting on App Policy Exceptions and Host Status Change Events.

Periodic Reporting

Weekly, Monthly, and Annual Reports provide data on both events and policy and configuration changes: Activity During the Reporting Period

  • Hosts Added
  • Security Groups Created
  • App Policies Created
  • Software Profiles Followed During Period
  • Software Profiles Unfollowed During Period

Historical Activity

  • Hosts in Security Groups
  • Security Groups Status
  • App Policies Status
  • Software Profiles Followed History
  • Software Profiles Unfollowed History
  • Application Users (End Users) by Security Group