Monitoring and reporting
- Sync server monitoring
- Scheduled tasks
- Scheduled jobs
- Audit
- Access logs
- Sessions
- Console log
- Privileged accounts dashboard
- Search in PAM recordings
- Issues
Sync server monitoring
Description
Soffid provides a monitoring functionality to consult all the information of the different agents and the status of each one of them and the amount of tasks assigned. Consequently, it allows diagnosing possible incidents in a quick and easy way.
This option allows you to manage all the options related to the tasks created according to the configuration of each of the agents.
Sync server
Shows a list with the URL of all the sync servers that you have configured and the options to perform for every sync server.
💻 Image
Agent Status
The graph of agent status shows the number of agents connected (green light) and the number of agents disconnected (red light). By clicking on the captions you can select if you want to show only the connected agents, only the disconnected agents, or both agents.
💻 Image
View Agents
Allows you to access a new window with the information of every single agent. That page shows a list with the information about Agent, Number of the pending tasks, the Status, and the URL of the agent.
If you click one of the agents, Soffid will display all the pending tasks for that agent. If you click on one pending task, you can view the details of that task and you could perform the actions available for that depending on your permissions.
💻 Image
View Tasks
Displays a matrix with all the agents configured, all the tasks, and the status of the task for each agent. You can reload the matrix with the updated tasks.
The available status for a task are:
- Done (green light): finished tasks.
- Pending (yellow light).
- Error (red light).
If you click on one error task, Soffid will display the details of that task, the basic data, and the specific data about Execution time, Error message, Scheduled and Log detail, and Soffid will allow you to perform the available actions. If you click on one pending task, you can perform the available actions.
💻 Image
Get log
Allows you to download the Sync Server log file.
Stats
Displays the performance (tasks per minute) graph of the synchronization servers.
💻 Image
Restart server
Allows you to restart the synchronization server that hosts any agent. Soffis will ask for your confirmation before performing that action. If you confirm, the server will be restarted.
Additional information
Display the additional information of Soffid
💻 Image
Tasks
Active tasks
Displays a graph with information about the tasks pending to be performed on the different systems.
Tasks by server
Displays a graph with information about the tasks for each server.
View Agents
Displays a view with a list of agent tasks, regardless of which synchronization server they are running on.
Not scheduled tasks
Displays a view with a list not scheduled tasks. At that view, you can cancel and release the held tasks
💻 Image
Screen overview
Related objects
Agent actions
| Get log |
Soffid displays the log trace. |
| Reset | Allows you to restart the synchronization server that hosts any agent. Soffis will ask for your confirmation before performing that action. |
Tasks actions
| Cancel task |
Allows you to cancel a specific task. Soffid will ask for your confirmation, if you confirm, that task will be canceled. |
| Prioritize | Allows you to release a specific task. Soffid will ask for your confirmation, if you confirm, that task will be executed. |
Scheduled tasks
Description
Schedule tasks display all the automatic tasks defined on Soffid, the scheduling of each task, and information about the last execution. Also, allows administrator users to update the execution of that tasks using a cron pattern and init the execution.
Screen overview
Scheduled tasks list
Schedule task detail
Standard attributes
Schedule
- Enabled: if it is selected (value is Yes), the task will be perform on scheduled defined.
- Task description: brief description of the task
- Month: number of the month (1-12) when the task will be performed.
- Day: number of the day (1-31) when the task will be performed.
- Hour: hour (0-23) when the task will be performed.
- Minute: minute (0-59) when the task will be performed.
- Day of week: number of the day (0-7 where 0 means Sunday) of the week when the task will be performed.
- Server: where the agent is running.
- Start date: start date and time of the last execution.
- End date: end date and time of the last execution.
- Status: The available status for a task are:
- Done (green light): finished tasks.
- Pending (yellow light).
- Error (red light).
For each value of month, day, hour, minute, or day of the week:
- * means any month, day, hour, minute, or day of week. e.g. */5 to schedule every five minutes.
- A single number specifies that unit value: 3
- Some comma separated numbers: 1,3,5,7
- A range of values: 1-5
Current execution
- Start now: this allows you to launch the task execution.
Last execution
- Status: The available status for a task are:
- Done (green light): task finished.
- Pending (yellow light): task has been started but it has not finished yet.
- Error (red light): task could not be executed.
- Start date: start date and time of the last execution.
- End date: end date and time of the last execution.
- Execution log: log trace. Allows you to download the log file.
Previous executions
List with the information about the previous executions:
- Start date: start date and time of the execution.
- Status: status of the execution.
- Execution: log of the execution. Allows you to download the log file.
Actions
Scheduled tasks query actions
|
Add or remove columns |
Allows you to show and hide columns in the table. |
|
Download CSV file |
Allows you to download a CSV file with the scheduled tasks. |
Scheduled Task detail actions
|
Apply changes |
Allows you to save the data of scheduled tasks. To save the data it will be mandatory to fill in the required fields. |
|
Start now |
Allows you to launch the task execution. |
|
Undo |
Allows you to undo any changes made. |
|
Logs |
Allows you to download the log file. |
Scheduled jobs
Description
Schedule jobs display all the asynchronous tasks generated for the workflows engine. When a job is finished, it will disappear from that list.
Standard attributes
- ID: job identifier.
- Name: job name.
- Process: process identifier and description.
- Next Rerun: date and time scheduled for next execution.
- Failed Attempts: number of failed attempts.
- Status
Actions
Scheduled jobs query actions
|
Add or remove columns |
Allows you to show and hide columns in the table. |
|
Download CSV file |
Allows you to download a CSV file with the information of the scheduled jobs. |
Scheduled Task detail actions
|
Resume |
Allows you to resume the task |
|
Hold |
Allows you to retain the task. |
|
Close |
Allows you to close the window without perform any action. |
Audit
Description
The audit trail page allows you to query for audit records. Each action done at the Soffid console will be reported.
Here you have a list of common Advanced searches, you only have to copy, paste and search, e.g.
// User changes trace
calendar ge "2020-01-01T00:00:00.000+01:00" AND user co "admin"
// User actions trace
calendar ge "2020-01-01T00:00:00.000+01:00" AND author co "admin"
// Soffid accounts
calendar ge "2020-01-01T00:00:00.000+01:00" AND user co "admin" AND database co "soffid"
// Created accounts
calendar ge "2020-01-01T00:00:00.000+01:00" AND action co "C" AND object co "SC_ACCOUN"
// Removed objects
calendar ge "2020-01-01T00:00:00.000+01:00" AND action co "D" AND object co "SC_ACCOUN"
- Date/Time: date on which the action was performed.
- Author: user who launched the task. When the author is empty, the Syncserver launched this task.
- Purpose: is the name of the internal object (also the table of the database) which the action was performed.
- Source IP
- User: identity who performed the action.
- Information system: details on which information system the action was performed.
- Role: details the role with which the action was performed.
- Account: if the action has taken place on an account, it will be indicated on which one in this section.
- Group: details the group with which the action was performed.
- Action: the task performed is specified.
Actions
| Query | Allows you to query accounts through different search systems, Quick and Advanced. |
| Add or remove columns | Allows you to show and hide columns in the table. |
| Download CSV file | Allows you to download a csv file with the information of audit records. |
Access logs
Description
The access log page allows querying all the information about the opened sessions.
Note that any session that was active during the specified date will be shown, even when it started before of finished after that date.
- Type
- Protocol: access protocol.
- SSO
- SAML
- PAM
- CONSOLE
- Start date: date and time when start the access.
- End date: date and time when end the access.
- Session: session identifier.
- Server
- Client
- User: user who perform the access.
- Information: additional connection information.
- When the information is about the Authentication method, there are the following options:
- P: Password
- K: Kerberos
- E: Broker
- O: OTP
- M: Email
- S: SMS
- I: PIN
- C: Certificate
- F: Finger print
- Z: Push
- When the information is about the Authentication method, there are the following options:
Actions
| Query | Allows you to query accounts through different search systems, Quick and Advanced. |
| Add or remove columns | Allows to show and hide columns in the table. |
| Download CSV file | Allows to download a CSV file with the information of access logs. |
Sessions
Description
The sessions page displays the current open sessions made with ESSO, WSSO or PAM for which the user is the owner.
This functionality allows the owner users, with appropriate privileges, to open and view online a session opened by another user. It also allows them to interact if necessary.
- User: name of the user who opened the session.
- Device: IP from which the connection was executed.
- Client
- Type:
- ESSO
- WSSO
- PAM
- Service URL: connection URL
- Account name: user account name to connect.
Actions
| Add or remove columns | Allows to show and hide columns in the table. |
| Download CSV file | Allows to download a CSV file with the information of access logs. |
Console log
Description
That option allows you to look up server logs from the console. The logs are created on the server filesystem.
Screen Overview
Actions
| Download | Allows you to download the log file |
Privileged accounts dashboard
Description
Soffid provides a monitoring functionality to consult all the information about the different Jump servers installed and configured.
The displayed info is the following:
- Jump server enabled accounts.
- High-privileged accounts.
- Jump server sessions.
- Used storage by PAM storage server.
- Free storage by PAM storage server.
- User with access to PAM jump servers.
Screen overview
Related objects
- Jump servers: Configure PAM session servers
- High-privileged accounts: Accounts
To activate this view you will need to enable the Feed statistic tables task on the Scheduled tasks page.
Search in PAM recordings
Description
Soffid provides the functionality that allows searching for information about the PAM recording sessions.
That option is located on Main Menu > Administration > Monitoring and reporting > Search in PAM recordings
First of all, to query the PAM recording, you could apply some filters to refine your search. Then, when you click the Search button, Soffid will show you all the recording sessions that comply with the criteria specified.
If you click on one record, Soffid will show you a new page with all the data about the session and the recorded video. If you query with a typed keys filter, a bookmark with the minute and second will show, and it will allow you to go directly to that point and view the action.
Screen overview
Standard attributes
- Jum server group: used to connect to the system.
- URL: service URL
- Typed keys: allows you to search in PAM recording
- Typed keys by the user on the system.
- Other information:
- violation of rule
- Ctrl
- "[ctrl]+l"
- "[ctrl]+d"
- ...
- Other information:
- Screenshot contents by screen content
- Typed keys by the user on the system.
- User name: user who created the session.
- Start date
Actions
|
Download CSV file |
Allows you to download a CSV file with the PAM recording information. |
|
Search |
Allows you to query the PAM recording by applying some filters. |
|
View recording |
Allows you to view the recording. You need to click on the record of the PAM recording that you want to view, then Soffid will show you a new page with all the information about the session and the recording video. |
Issues
Definition
Soffid provides a tool to manage all issues and allows you to perform the operations available for each type of task. The actions to be performed will depend on each kind of task.
You can find this functionality in the following path:
Screen Overview
Issues
Related objects
Standard attributes
- Issue number: an incremental number to identify the issue.
- Created on: date of creation.
- Issue type: issue list defined by Soffid.
- Description: a brief description of the issue.
- Times: number of times the issue has been repeated.
- Status: possible task status. There are three available statuses:
- New
- Acknowledged
- Solved
- Exception: Error occurred
- jobName
- Actor: owner of this issue.
- Actions log: each of the actions that have been carried out on the issue.
Actions
Issues query action
| Download CSV file | Allows you to download a CSV file with the issue data. |
|
Add or remove columns |
Allows you to show and hide columns in the table. You can also set the order in which the columns will be displayed. The selected columns and order will be saved for the next time Soffid displays the page. |
Issue detail
| Close | Allows you to quit without applying any changes. |
| Acknowledge |
Allows you to check as Acknowledged |
| Solve issue |
Allows you to mark as solved the issue. |
| Send custom email | Allows you to send a custom email to one recipient. |
| Add Comments | Allows you to add comments to the Action logs. |
account-created
💻 Image
| Unlock account | If you click this option, Soffil will unlock the account. |
|
Look affected accounts |
If you click this option, Soffil will lock affected accounts. |
|
Disable user |
If you click this option, Soffid will disable the user. |
disconnected-system
💻 Image
discovered-host
💻 Image
discovered-system
💻 Image
duplicated-user
💻 Image
|
Mege users |
If you click this option, Soffid will allow you to merge the identities by selecting the data of each of them. 💻 Image
|
failed-job
💻 Image
enabled-account-on-disabled-user
💻 Image
| Unlock account | If you click this option, Soffil will unlock the account. |
|
Look affected accounts |
If you click this option, Soffil will lock affected accounts. |
global-failed-login
💻 Image
integration-errors
💻 Image
locked-account
💻 Image
| Unlock account | If you click this option, Soffil will unlock the account. |
|
Look affected accounts |
If you click this option, Soffil will lock affected accounts. |
|
Disable user |
If you click this option, Soffid will disable the user. |
|
Lock affected host |
If you click this option, Soffid will lock the affected host. |
|
Unlock host |
If you click this option, Soffid will unlock the host. |
login-different-country
💻 Image
| Unlock account | If you click this option, Soffil will unlock the account. |
|
Look affected accounts |
If you click this option, Soffil will lock affected accounts. |
|
Disable user |
If you click this option, Soffid will disable the user. |
|
Lock affected host |
If you click this option, Soffid will lock the affected host. |
|
Unlock host |
If you click this option, Soffid will unlock the host. |
login-from-new-device
💻 Image
| Unlock account | If you click this option, Soffil will unlock the account. |
|
Look affected accounts |
If you click this option, Soffil will lock affected accounts. |
|
Disable user |
If you click this option, Soffid will disable the user. |
|
Lock affected host |
If you click this option, Soffid will lock the affected host. |
|
Unlock host |
If you click this option, Soffid will unlock the host. |
login-not-recognized
💻 Image
| Unlock account | If you click this option, Soffil will unlock the account. |
|
Look affected accounts |
If you click this option, Soffil will lock affected accounts. |
|
Disable user |
If you click this option, Soffid will disable the user. |
|
Lock affected host |
If you click this option, Soffid will lock the affected host. |
|
Unlock host |
If you click this option, Soffid will unlock the host. |
otp-failures
💻 Image
| Unlock account | If you click this option, Soffil will unlock the account. |
|
Look affected accounts |
If you click this option, Soffil will lock affected accounts. |
|
Disable user |
If you click this option, Soffid will disable the user. |
|
Lock affected host |
If you click this option, Soffid will lock the affected host. |
|
Unlock host |
If you click this option, Soffid will unlock the host. |
pam-violation
💻 Image
| Unlock account | If you click this option, Soffil will unlock the account. |
|
Look affected accounts |
If you click this option, Soffil will lock affected accounts. |
|
Disable user |
If you click this option, Soffid will disable the user. |
|
Lock affected host |
If you click this option, Soffid will lock the affected host. |
|
Unlock host |
If you click this option, Soffid will unlock the host. |
password-changed
💻 Image
permissions-granted
💻 Image
| Unlock account | If you click this option, Soffil will unlock the account. |
|
Look affected accounts |
If you click this option, Soffil will lock affected accounts. |
|
Disable user |
If you click this option, Soffid will disable the user. |
risk-increase
💻 Image
| Unlock account | If you click this option, Soffil will unlock the account. |
|
Look affected accounts |
If you click this option, Soffil will lock affected accounts. |
|
Disable user |
If you click this option, Soffid will disable the user. |
robot-login
💻 Image
| Unlock account | If you click this option, Soffil will unlock the account. |
|
Look affected accounts |
If you click this option, Soffil will lock affected accounts. |
|
Disable user |
If you click this option, Soffid will disable the user. |
|
Lock affected host |
If you click this option, Soffid will lock the affected host. |
|
Unlock host |
If you click this option, Soffid will unlock the host. |
security-exception
💻 Image
|
Disable user |
If you click this option, Soffid will disable the user. |