Centrify Insight

Monitoring and Reporting on Active Directory Changes Affecting UNIX, Linux and Mac Users

Centrify Insight improves your compliance posture through enhanced control, visibility and security of your cross-platform data center

Centrify Insight is a free monitoring and reporting tool that helps you identify and analyze authentication, authorization and other events taking place on the UNIX, Linux and Mac systems managed by Centrify Suite or Centrify Express. This information strengthens organizations' compliance efforts and improves security in on-premises and cloud environments.

Centrify Suite can easily create reports that show what systems users can access and reveal their *NIX attributes. All of this information is centrally stored in Centrify Zones within Active Directory, making it easy to manage and report. Centrify Insight additionally helps you answer the types of questions most often asked by security and compliance managers. For example:

  • Who Zone-enabled a specific user?
  • When were a user's *NIX attributes changed?
  • Which Zones or groups have been modified?
  • What changes were made to Active Directory users, groups and computer objects?

How Centrify Insight Works

Centrify Insight is currently available as a Splunk App. Splunk is an engine that collects, indexes and harnesses any machine data generated by an organization's IT systems and infrastructure — physical, virtual and in the cloud. Splunk is perfectly suited for monitoring and auditing Active Directory logs, because it matches the flexibility of Active Directory and can linearly scale as the Active Directory environment grows.

The Splunk App for Centrify Insight is available free of charge on Splunkbase. Support is available on the Centrify Insight Community, where you can exchange best practice advice with Centrify staff and other Centrify Insight users.

Centrify Insight listens to Active Directory domain controllers and security event logs, as well as *NIX syslog and Centrify Suite logs, to provide the insight you need to answer security and forensic questions about Centrify-managed systems. This data is captured and summarized into a series of reports and metrics that can be displayed, reported on, alerted on and analyzed at a granular level. Centrify Insight provides the visibility you need with an easy-to-use search interface and pre-built interactive reports based on the mature and popular Splunk platform.

For Centrify Express users, the basic use cases are:

  • Monitor login history for both Active Directory and local accounts:
    • Successful and failed login attempts
    • Login methods used, including SSH, Telnet, and su
  • Active Directory object changes:
    • Answer the questions "[when|who] [created|deleted|updated|enabled|disabled] a [user|group|computer] Active Directory object?"
    • Answer the question "What attribute(s) changed in the Active Directory object?"
    • Answer the question "What previous value(s) did the changed attribute have?"
  • Interactively search Centrify debug logs
  • View Centrify [support|express|company] tweets