Monitoring and reporting Sync server monitoring Description Soffid provides a monitoring functionality to consult all the information of the different agents and the status of each one of them and the amount of tasks assigned. Consequently, it allows diagnosing possible incidents in a quick and easy way. This option allows you to manage all the options related to the tasks created according to the configuration of each of the agents. Sync server Shows a list with the URL of all the sync servers that you have configured and the options to perform for every sync server. 💻 Image Agent Status The graph of agent status shows the number of agents connected (green light) and the number of agents disconnected (red light). By clicking on the captions you can select if you want to show only the connected agents, only the disconnected agents, or both agents. 💻 Image View Agents Allows you to access a new window with the information of every single agent. That page shows a list with the information about Agent, Number of the pending tasks, the Status, and the URL of the agent. If you click one of the agents, Soffid will display all the pending tasks for that agent. If you click on one pending task, you can view the details of that task and you could perform the actions available for that depending on your permissions. 💻 Image View Tasks Displays a matrix with all the agents configured, all the tasks, and the status of the task for each agent. You can reload the matrix with the updated tasks. The available status for a task are:  Done (green light): finished tasks. Pending (yellow light). Error (red light). If you click on one error task, Soffid will display the details of that task, the basic data, and the specific data about Execution time, Error message, Scheduled and Log detail, and Soffid will allow you to perform the available actions. If you click on one pending task, you can perform the available actions. 💻 Image Get log Allows you to download the Sync Server log file. Stats Displays the performance (tasks per minute) graph of the synchronization servers. 💻 Image Restart server Allows you to restart the synchronization server that hosts any agent. Soffis will ask for your confirmation before performing that action. If you confirm, the server will be restarted. Additional information Display the additional information of Soffid 💻 Image Tasks Active tasks Displays a graph with information about the tasks pending to be performed on the different systems. Tasks by server Displays a graph with information about the tasks for each server. View Agents Displays a view with a list of agent tasks, regardless of which synchronization server they are running on. Not scheduled tasks Displays a view with a list not scheduled tasks. At that view, you can cancel and release the held tasks 💻 Image Screen overview Related objects Agents Synchronization Servers Tasks Actions Agent actions Get log Soffid displays the log trace. Reset Allows you to restart the synchronization server that hosts any agent. Soffis will ask for your confirmation before performing that action. Tasks actions Cancel task Allows you to cancel a specific task. Soffid will ask for your confirmation, if you confirm, that task will be canceled. Prioritize Allows you to release a specific task. Soffid will ask for your confirmation, if you confirm, that task will be executed.  Scheduled tasks Description Schedule tasks display all the automatic tasks defined on Soffid, the scheduling of each task, and information about the last execution. Also, allows administrator users to update the execution of that tasks using a cron pattern and init the execution. Screen overview Scheduled tasks list Schedule task detail Standard attributes Schedule Enabled : if it is selected (value is Yes), the task will be perform on scheduled defined.  Task description : brief description of the task Month : number of the month (1-12) when the task will be performed.  Day :  number of the day (1-31) when the task will be performed. Hour : hour (0-23) when the task will be performed.  Minute : minute (0-59) when the task will be performed. Day of week : number of the day (0-7 where 0 means Sunday) of the week when the task will be performed.  Server : where the agent is running. Start date : start date and time of the last execution. End date : end date and time of the last execution. Status : The available status for a task are: Done (green light): finished tasks. Pending (yellow light). Error (red light). For each value of month, day, hour, minute, or day of the week: * means any month, day, hour, minute, or day of week. e.g. */5 to schedule every five minutes. A single number specifies that unit value: 3 Some comma separated numbers: 1,3,5,7 A range of values: 1-5 Current execution Start now : this allows you to launch the task execution. Last execution Status : The available status for a task are: Done (green light): task finished. Pending (yellow light): task has been started but it has not finished yet. Error (red light): task could not be executed. Start date : start date and time of the last execution. End date : end date and time of the last execution. Execution log : log trace. Allows you to download the log file. Previous executions List with the information about the previous executions: Start date : start date and time of the execution. Status : status of the execution.  Execution : log of the execution. Allows you to download the log file. Actions Scheduled tasks query actions Add or remove columns Allows you to show and hide columns in the table. Download CSV file Allows you to download a CSV file with the scheduled tasks. Scheduled Task detail actions Apply changes Allows you to save the data of scheduled tasks. To save the data it will be mandatory to fill in the required fields. Start now Allows you to launch the task execution. Undo Allows you to undo any changes made. Logs Allows you to download the log file. Scheduled jobs Description Schedule jobs display all the asynchronous tasks generated for the workflows engine. When a job is finished, it will disappear from that list. Standard attributes ID : job identifier. Name : job name. Process : process identifier and description. Next Rerun : date and time scheduled for next execution. Failed Attempts : number of failed attempts. Status Actions Scheduled jobs query actions Add or remove columns Allows you to show and hide columns in the table. Download CSV file Allows you to download a CSV file with the information of the scheduled jobs. Scheduled Task detail actions Resume Allows you to resume the task Hold Allows you to retain the task. Close Allows you to close the window without perform any action. Audit Description The audit trail page allows you to query for audit records. Each action done at the Soffid console will be reported. Here you have a list of common Advanced searches, you only have to copy, paste and search, e.g. // User changes trace calendar ge "2020-01-01T00:00:00.000+01:00" AND user co "admin" // User actions trace calendar ge "2020-01-01T00:00:00.000+01:00" AND author co "admin" // Soffid accounts calendar ge "2020-01-01T00:00:00.000+01:00" AND user co "admin" AND database co "soffid" // Created accounts calendar ge "2020-01-01T00:00:00.000+01:00" AND action co "C" AND object co "SC_ACCOUN" // Removed objects calendar ge "2020-01-01T00:00:00.000+01:00" AND action co "D" AND object co "SC_ACCOUN" Screen overview Custom attributes Date/Time : date on which the action was performed. Author : user who launched the task. When the author is empty, the Syncserver launched this task. Purpose : is the name of the internal object (also the table of the database) which the action was performed. Source IP User : identity who performed the action. Information system:  details on which information system the action was performed. Role : details the role with which the action was performed. Account : if the action has taken place on an account, it will be indicated on which one in this section. Group : details the group with which the action was performed. Action : the task performed is specified. Actions Query Allows you to query accounts through different search systems, Quick and Advanced . Add or remove columns Allows you to show and hide columns in the table. Download CS V file Allows you to download a csv file with the information of audit records.  Access logs Description The access log page allows querying all the information about the opened sessions.  Note that any session that was active during the specified date will be shown, even when it started before of finished after that date. Screen overview Custom attributes Type Protocol : access protocol. SSO SAML PAM CONSOLE Start date : date and time when start the access. End date : date and time when end the access. Session : session identifier. Server Client User : user who perform the access. Information : additional connection information. When the information is about the Authentication method, there are the following options: P : Password K : Kerberos E : Broker O : OTP M : Email S : SMS I : PIN C : Certificate F : Finger print Z : Push Actions Query Allows you to query accounts through different search systems, Quick and Advanced . Add or remove columns Allows to show and hide columns in the table. Download CS V file Allows to download a CSV file with the information of access logs.  Sessions Description The sessions page displays the current open sessions made with ESSO, WSSO or PAM for which the user is the owner.  This functionality allows the owner users, with appropriate privileges, to open and view online a session opened by another user. It also allows them to interact if necessary. Screen overview Custom attributes User : name of the user who opened the session. Device:  IP from which the connection was executed. Client Type : ESSO WSSO PAM Service URL:  connection URL Account name : user account name to connect. Actions Add or remove columns Allows to show and hide columns in the table. Download CS V file Allows to download a CSV file with the information of access logs.  Console log Description That option allows you to look up server logs from the console. The logs are created on the server filesystem. Screen Overview Actions Download  Allows you to download the log file  Privileged accounts dashboard Description Soffid provides a monitoring functionality to consult all the information about the different Jump servers installed and configured. The displayed info is the following: Jump server enabled accounts. High-privileged accounts. Jump server sessions. Used storage by PAM storage server. Free storage by PAM storage server. User with access to PAM jump servers. Screen overview Related objects Jump servers: Configure PAM session servers High-privileged accounts: Accounts To activate this view you will need to enable the Feed statistic tables task on the  Scheduled tasks page . Search in PAM recordings Description Soffid provides the functionality that allows searching for information about the PAM recording sessions. That option is located on Main Menu > Administration > Monitoring and reporting > Search in PAM recordings First of all, to query the PAM recording, you could apply some filters to refine your search. Then, when you click the Search button, Soffid will show you all the recording sessions that comply with the criteria specified. If you click on one record, Soffid will show you a new page with all the data about the session and the recorded video. If you query with a typed keys filter, a bookmark with the minute and second will show, and it will allow you to go directly to that point and view the action. Screen overview Standard attributes Jum server group : used to connect to the system. URL:  service URL Typed keys: allows you to search in PAM recording Typed keys by the user on the system. Other information: violation of rule Ctrl "[ctrl]+l" "[ctrl]+d" ... Screenshot contents by screen content User name: user who created the session. Start date Actions Download CSV file Allows you to download a CSV file with the PAM recording information. Search Allows you to query the PAM recording by applying some filters. View recording Allows you to view the recording. You need to click on the record of the PAM recording that you want to view, then Soffid will show you a new page with all the information about the session and the recording video. Issues Definition Soffid provides a tool to manage all issues and allows you to perform the operations available for each type of task. The actions to be performed will depend on each kind of task. You can find this functionality in the following path: Main Menu > Administration > Monitoring and reporting > Issues Screen Overview Issues Related objects User Accounts Standard attributes Issue number :  an incremental number to identify the issue. Created on : date of creation. Issue type : issue list defined by Soffid. Description : a brief description of the issue. Times : number of times the issue has been repeated. Status :  possible task status. There are three available statuses: New Acknowledged Solved Exception : Error occurred jobName Actor : owner of this issue. Actions log : each of the actions that have been carried out on the issue. Actions Issues query action Download CSV file Allows you to download a CSV file with the issue data. Add or remove columns Allows you to show and hide columns in the table. You can also set the order in which the columns will be displayed. The selected columns and order will be saved for the next time Soffid displays the page.  Issue detail Close Allows you to quit without applying any changes. Acknowledge Allows you to check as Acknowledged Solve issue Allows you to mark as solved the issue. Send custom email Allows you to send a custom email to one recipient. Add Comments Allows you to add comments to the Action logs. account-created 💻 Image Unlock account If you click this option, Soffil will unlock the account. Look affected accounts  If you click this option, Soffil will lock affected accounts.  Disable user If you click this option, Soffid will disable the user. disconnected-system 💻 Image discovered-host 💻 Image discovered-system 💻 Image duplicated-user 💻 Image Mege users If you click this option, Soffid will allow you to merge the identities by selecting the data of each of them. 💻 Image failed-job 💻 Image enabled-account-on-disabled-user 💻 Image Unlock account If you click this option, Soffil will unlock the account. Look affected accounts  If you click this option, Soffil will lock affected accounts.  global-failed-login 💻 Image integration-errors 💻 Image locked-account 💻 Image Unlock account If you click this option, Soffil will unlock the account. Look affected accounts  If you click this option, Soffil will lock affected accounts.  Disable user If you click this option, Soffid will disable the user. Lock affected host If you click this option, Soffid will lock the affected host. Unlock host If you click this option, Soffid will unlock the host. login-different-country 💻 Image Unlock account If you click this option, Soffil will unlock the account. Look affected accounts  If you click this option, Soffil will lock affected accounts.  Disable user If you click this option, Soffid will disable the user. Lock affected host If you click this option, Soffid will lock the affected host. Unlock host If you click this option, Soffid will unlock the host. login-from-new-device 💻 Image Unlock account If you click this option, Soffil will unlock the account. Look affected accounts  If you click this option, Soffil will lock affected accounts.  Disable user If you click this option, Soffid will disable the user. Lock affected host If you click this option, Soffid will lock the affected host. Unlock host If you click this option, Soffid will unlock the host. login-not-recognized 💻 Image Unlock account If you click this option, Soffil will unlock the account. Look affected accounts  If you click this option, Soffil will lock affected accounts.  Disable user If you click this option, Soffid will disable the user. Lock affected host If you click this option, Soffid will lock the affected host. Unlock host If you click this option, Soffid will unlock the host. otp-failures 💻 Image Unlock account If you click this option, Soffil will unlock the account. Look affected accounts  If you click this option, Soffil will lock affected accounts.  Disable user If you click this option, Soffid will disable the user. Lock affected host If you click this option, Soffid will lock the affected host. Unlock host If you click this option, Soffid will unlock the host. pam-violation 💻 Image Unlock account If you click this option, Soffil will unlock the account. Look affected accounts  If you click this option, Soffil will lock affected accounts.  Disable user If you click this option, Soffid will disable the user. Lock affected host If you click this option, Soffid will lock the affected host. Unlock host If you click this option, Soffid will unlock the host. password-changed 💻 Image permissions-granted 💻 Image Unlock account If you click this option, Soffil will unlock the account. Look affected accounts  If you click this option, Soffil will lock affected accounts.  Disable user If you click this option, Soffid will disable the user. risk-increase 💻 Image Unlock account If you click this option, Soffil will unlock the account. Look affected accounts  If you click this option, Soffil will lock affected accounts.  Disable user If you click this option, Soffid will disable the user. robot-login 💻 Image Unlock account If you click this option, Soffil will unlock the account. Look affected accounts  If you click this option, Soffil will lock affected accounts.  Disable user If you click this option, Soffid will disable the user. Lock affected host If you click this option, Soffid will lock the affected host. Unlock host If you click this option, Soffid will unlock the host. security-exception 💻 Image Disable user If you click this option, Soffid will disable the user.