
JumpCloud Directory Insights

CYDERES can pull logs from JumpCloud Directory Insights, a platform that aggregates events across user activities and cloud or on-premises resources, including SSO applications, LDAP servers, RADIUS networks, MDM commands, and every managed Mac, Windows, and Linux device. For more information, see JumpCloud's Directory Insights documentation.

Chronicle Data Types

  • JUMPCLOUD_DAAS

Caveats / Known Limitations

The API key is associated with the currently logged-in administrator. Only administrator roles can access the API; command runners will receive a 403 error.

Configuration

Any combination of the following log types can be ingested:

  • Directory: activity in the Portal, including admin changes in the directory and admin/user authentications to the Portal
  • RADIUS: user authentications to RADIUS used for Wi-Fi and VPNs
  • SSO: user authentications through SAML applications
  • System: user authentications to macOS, Windows, and Linux systems, including agent-related events on lockout, password changes, and File Disk Encryption key updates
  • LDAP: user authentications to LDAP, including LDAP bind and search event types
  • MDM: MDM command results

Gather Information

Please send the following to CYDERES when setup is completed:

  • Log types to configure from the list above
  • API Key (see Caveats section)