JumpCloud Directory Insights
CYDERES can pull logs from JumpCloud Directory Insights, a platform that aggregates events across user activities and cloud or on-premises resources, including SSO applications, LDAP servers, RADIUS networks, MDM commands, and every managed Mac, Windows, and Linux device.
Chronicle Data Types
Caveats / Known Limitations
The API key is associated with the currently logged-in administrator. Only administrator roles can access the API. Command runners will receive a 403 error.
Any combination of the following log types can be ingested:
- Directory: activity in the Portal, including admin changes in the directory and admin/user authentications to the Portal
- RADIUS: user authentications to RADIUS used for Wi-Fi and VPNs
- SSO: user authentications through SAML applications
- System: user authentications to macOS, Windows, and Linux systems, including agent-related events on lockout, password changes, and File Disk Encryption key updates
- LDAP: user authentications to LDAP, including LDAP bind and search event types
- MDM: MDM command results
Please send the following to CYDERES when setup is completed:
- Log types to configure from the list above
- API Key (see Caveats section)
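Before sending the key, an administrator can confirm that it reads each selected log type and is not tied to a role that gets the 403 described in the caveats. The script below is an added example, not CYDERES or JumpCloud code; the endpoint URL, the `x-api-key` header, the service names and the `JUMPCLOUD_API_KEY` environment variable are assumptions based on JumpCloud's public Directory Insights API and do not appear on this page.

```python
import json
import os
import sys
import urllib.error
import urllib.request
from datetime import datetime, timedelta, timezone

# Assumptions (not from this page): endpoint, header name and service names.
EVENTS_URL = "https://api.jumpcloud.com/insights/directory/v1/events"
SERVICES = {"Directory": "directory", "RADIUS": "radius", "SSO": "sso",
            "System": "systems", "LDAP": "ldap", "MDM": "mdm"}

def build_request(api_key, log_type, now=None):
    """Build a query for one log type covering the last hour."""
    now = now or datetime.now(timezone.utc)
    start = (now - timedelta(hours=1)).strftime("%Y-%m-%dT%H:%M:%SZ")
    body = {"service": [SERVICES[log_type]], "start_time": start}
    return urllib.request.Request(
        EVENTS_URL, data=json.dumps(body).encode(), method="POST",
        headers={"x-api-key": api_key, "Content-Type": "application/json"})

def interpret(status):
    """Map an HTTP status to an outcome an operator can act on."""
    if status == 200:
        return "ok"
    if status == 401:
        return "key rejected: missing, mistyped or revoked"
    if status == 403:
        return "forbidden: key owner's role cannot access the API"
    return f"unexpected HTTP {status}"

def check_key(api_key, log_types, send=urllib.request.urlopen):
    """Return {log_type: outcome} for each requested log type."""
    results = {}
    for log_type in log_types:
        try:
            with send(build_request(api_key, log_type), timeout=15) as resp:
                results[log_type] = interpret(resp.status)
        except urllib.error.HTTPError as err:
            results[log_type] = interpret(err.code)
    return results

if __name__ == "__main__":
    # The key is read from the environment so it stays out of shell history.
    outcomes = check_key(os.environ["JUMPCLOUD_API_KEY"], sys.argv[1:] or list(SERVICES))
    for name, outcome in outcomes.items():
        print(f"{name}: {outcome}")
    sys.exit(0 if all(o == "ok" for o in outcomes.values()) else 1)
```

Pass the log types to check as arguments (for example `SSO LDAP`); with no arguments, all six are checked and the exit code is non-zero if any of them fails.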