Cloud System Inspector Summary
3CX
Summary
- Production Status: Production
- Description: A dedicated inspector for 3CX, a phone system that supports SIP soft/hard phones, VoIP services and phone lines.
- Documentation
- Inspector Category: Cloud
- Discovers: N/A
Data Views Information
Overview Data Table
- FQDN
- Public IP
- AvailableLocalIPs
- Max Sim Calls
- Trunks Total
- Extensions Total
- Maintenance Expires On
- License Expires On
- Days Until License Expires
- Reseller Name
- License Key
- Product Code
- Support Active
- Details about System Status: fqdn, web meeting fqdn, web meeting status, version, recording state, activated, max sim calls, max sim meeting participants, call history count, chat messages count, extensions registered, own push, public ip, local ip valid, current local ip, available local ips, extensions total, has unregistered system extensions, has stopped services, trunks registered, trunks total, calls active, blacklisted ip count, memory usage, physical memory usage, free firtual memory, total virtual memory, free physical memory, total physical memory, disk usage, free disk space, total disk space, cpu usage, cpu usage history, maintenance expires on, support active, license active, license expiration date, outbound rules, backup job scheduled, last backup on, reseller name, license key, product code, spla, days since last backup, days until license expiration
- Details about Licensing: license key, loaded from erp, company name, contact name, e-mail, admin e-mail, telephone, country name, reseller name, version, license activated, auto-renew enabled, country id, license expires date, first activated on, product code, review status, support expires on, maintenance expires on, max sim calls, max g729 channels, sim meeting participants, pro features enabled, failover enabled, days until license expiration
- Details about API User Account: name, initials, version, roles, e-mail, registration e-mail, console enabled, is professional, hosting mode enabled, chat log enabled, instance manager enabled, lab features enabled, exchange services enabled, call reports enabled, acquaintance
Data Tab Headers
- Overview
- Users
- Trunks
- Groups
- Inbound Rules
- Outbound Rules
- Ring Groups
- Call Queues
- Activity Logs
- Blacklist
- Backups
- Phones
- Extensions
Actionable Alerts
- 3CX: No Scheduled Backups Present
- 3CX: License Expires In 30 Days Or Less
- 3CX: One Or More SIP Trunks Are Offline
- 3CX: The Public IP Address Of A 3CX Instance Has Changed
- 3CX: Call Recording Disk Usage Is At 90% Or More Capacity.
Metrics
- 3CX: Allowed IP Entries Count
- 3CX: Allowed IP Entries List
- 3CX: Backup Scheduled
- 3CX: Days Until License Expires
- 3CX: Blocked IP Entries Count
- 3CX: Firmware Name
- 3CX: Firmware ID
- 3CX: Inbound Rules Count
- 3CX: License Expiring in 30 Days or Less
- 3CX: License Maximum SIM Calls
- 3CX: License Active
- 3CX: License Key
- 3CX: Local IP Address List
- 3CX: Outbound Rules Count
- 3CX: Phones Count
- 3CX: Public IP Address
- 3CX: Registered System Extensions Count
- 3CX: Online Trunks Count
- 3CX: Online Trunks List
- 3CX: System Has Stopped Services
- 3CX: Total Extensions Count
- 3CX: Trunks Count
- 3CX: Unregistered System Extensions Count
- 3CX: Offline Trunks Count
- 3CX: Offline Trunks List
- 3CX: Disk Usage Warning
3CX (Legacy)
Summary
- Production Status: Production
- Description: A dedicated inspector for 3CX, a phone system that supports SIP soft/hard phones, VoIP services and phone lines.
- Documentation
- Inspector Category: Cloud
- Discovers: N/A
Data Views Information
Overview Data Table
- FQDN
- Public IP
- AvailableLocalIPs
- Max Sim Calls
- Trunks Total
- Extensions Total
- Maintenance Expires On
- License Expires On
- Days Until License Expires
- Reseller Name
- License Key
- Product Code
- Support Active
- Details about System Status: fqdn, web meeting fqdn, web meeting status, version, recording state, activated, max sim calls, max sim meeting participants, call history count, chat messages count, extensions registered, own push, public ip, local ip valid, current local ip, available local ips, extensions total, has unregistered system extensions, has stopped services, trunks registered, trunks total, calls active, blacklisted ip count, memory usage, physical memory usage, free firtual memory, total virtual memory, free physical memory, total physical memory, disk usage, free disk space, total disk space, cpu usage, cpu usage history, maintenance expires on, support active, license active, license expiration date, outbound rules, backup job scheduled, last backup on, reseller name, license key, product code, spla, days since last backup, days until license expiration
- Details about Licensing: license key, loaded from erp, company name, contact name, e-mail, admin e-mail, telephone, country name, reseller name, version, license activated, auto-renew enabled, country id, license expires date, first activated on, product code, review status, support expires on, maintenance expires on, max sim calls, max g729 channels, sim meeting participants, pro features enabled, failover enabled, days until license expiration
- Details about API User Account: name, initials, version, roles, e-mail, registration e-mail, console enabled, is professional, hosting mode enabled, chat log enabled, instance manager enabled, lab features enabled, exchange services enabled, call reports enabled, acquaintance
Data Tab Headers
- Overview
- Users
- Trunks
- Groups
- IVRS
- Inbound Rules
- Outbound Rules
- Ring Groups
- Call Queues
- Activity Logs
- Blacklist
- Backups
- Phones
- Extensions
Actionable Alerts
- 3CX | No Scheduled Backups Present
- 3CX | License Expires In 30 Days Or Less
- 3CX | One Or More SIP Trunks Are Unregistered
- 3CX | The Public IP Address Of A 3CX Instance Has Changed
- 3CX | Call Recording Disk Usage Is At 90% Or More Capacity.
Metrics
- 3CX: Trunk Groups Count
- 3CX: Registered Trunks Count
- 3CX: Registered Trunks List
- 3CX: Backup Scheduled
- 3CX: Unregistered Trunks Count
- 3CX: Unregistered Trunks List
- 3CX: Phones Count
- 3CX: Total Extensions Count
- 3CX: Registered Extensions Count
- 3CX: Unregistered Extensions Count
- 3CX: Extensions With High Alerts Count
- 3CX: Extensions With High Alerts List
- 3CX: Inbound Rules Count
- 3CX: Outbound Rules Count
- 3CX: License Maximum SIM Calls
- 3CX: Local IP Address List
- 3CX: License Expiring in 30 Days or Less
- 3CX: Days Until License Expires
- 3CX: Public IP Address
- 3CX: Allowed IP Entries List
- 3CX: Denied IP Entries Count
- 3CX: Allowed IP Entries Count
- 3CX: System Has Stopped Services
- 3CX: Disk Usage Warning
Acronis Cyber Cloud
Summary
- Production Status: Production
- Description: A dedicated inspector for Acronis Cyber Cloud.
- Documentation
- Inspector Category: Cloud
- Discovers: Acronis Cyber Cloud
Data Views Information
Parent Overview Data Table
- Tenant Name
- Main Contact
- Tenant MFA Status
- Pricing Mode
- Created At
- Last Updated
- Total Users
- Total Users with Time-Based One-Time Password (TOTP) Enabled
- Active Users With MFA vs. Total Active Users
- Active Users Without MFA
- Total Protected Workloads
- Local Backup
- Workstations
- Servers
- Virtual Machines
- Microsoft 365 Seats
- Microsoft 365 SharePoint Online Sites
- Microsoft 365 Teams
- Microsoft 365 Shared Seats
- Google Workspace Seats
- Advanced Backup - Workstations
- Advanced Backup - Servers
- Advanced Backup - Virtual Machines
- Advanced Backup - Web Hosting Servers
Parent Data Tab Headers
- Overview
- Tenants
Child Overview Data Table
- Tenant Name
- Main Contact
- Tenant MFA Status
- Pricing Mode
- Created At
- Last Updated
- Total Users
- Total Users with Time-Based One-Time Password (TOTP) Enabled
- Active Users With MFA vs. Total Active Users
- Active Users Without MFA
- Total Protected Workloads
- Local Backup
- Workstations
- Servers
- Virtual Machines
- Microsoft 365 Seats
- Microsoft 365 SharePoint Online Sites
- Microsoft 365 Teams
- Microsoft 365 Shared Seats
- Google Workspace Seats
- Advanced Backup - Workstations
- Advanced Backup - Servers
- Advanced Backup - Virtual Machines
- Advanced Backup - Web Hosting Servers
Child Data Tab Headers
- Overview
- Devices
- Users
- Agents
- Alerts
- Usages
- Resources
- Hardware Nodes
Actionable Alerts
- Acronis Cyber Cloud | Active Users Added/Removed/Modified
- Acronis Cyber Cloud | Change To Machines With Backup Enabled
- Acronis Cyber Cloud | Change To Machines With Antivirus & Antimalware Protection Enabled
- Acronis Cyber Cloud | Change To Machines With Vulnerability Assessment Enabled
- Acronis Cyber Cloud | Change To Machines With Patch Management Enabled
- Acronis Cyber Cloud | Machine Not Successfully Backed Up In Last 24 Hours
Metrics
- Acronis Cyber Cloud: Count of Active Users
- Acronis Cyber Cloud: List of Active Users
- Acronis Cyber Cloud: Active Users with MFA
- Acronis Cyber Cloud: Active Users without MFA
- Acronis Cyber Cloud: Total Protected Workloads
- Acronis Cyber Cloud: Local Storage Used (Bytes)
- Acronis Cyber Cloud: Count of Machines
- Acronis Cyber Cloud: Count of Machines with Backup Enabled
- Acronis Cyber Cloud: List of Machines with Backup Enabled
- Acronis Cyber Cloud: List of Machines without Backup Enabled
- Acronis Cyber Cloud: Count of Machines with Antivirus & Antimalware Protection Enabled
- Acronis Cyber Cloud: List of Machines with Antivirus & Antimalware Protection Enabled
- Acronis Cyber Cloud: List of Machines without Antivirus & Antimalware Protection Enabled
- Acronis Cyber Cloud: Count of Machines with Vulnerability Assessment Enabled
- Acronis Cyber Cloud: List of Machines with Vulnerability Assessment Enabled
- Acronis Cyber Cloud: List of Machines without Vulnerability Assessment Enabled
- Acronis Cyber Cloud: Count of Machines with Patch Management Enabled
- Acronis Cyber Cloud: List of Machines with Patch Management Enabled
- Acronis Cyber Cloud: List of Machines without Patch Management Enabled
- Acronis Cyber Cloud: Machine Backup Summary
- Acronis Cyber Cloud: Count of Machines Not Successfully Backed Up In Last 24 Hours
- Acronis Cyber Cloud: List of Machines Not Successfully Backed Up In Last 24 Hours
Amazon Web Services
Summary
- Production Status: Production
- Description: Inspects an AWS account, returning a wide variety of data including actionable summary information such as privileged users, publicly accessible S3 buckets, and much more.
- Documentation
- Inspector Category: Cloud
- Discovers: N/A
Data Views Information
Overview Data Table
- Account Creation Time
- Region
- Root Account MFA Enabled
- Root Account API Key
- Availability Zones in Use
- Total API Keys
- Users With API Keys
- Total IAM Users
- IAM Users
- Total IAM Users MFA Enabled
- IAM User Groups
- IAM Roles
- Total Running EC2 Instances
- Running EC2 Instances
- Total S3 Buckets
- Total Publicly Accessible S3 Buckets
- S3 Buckets
- Total Security Groups
- Security Groups
- VPCs
- Subnets
Data Tab Headers
- Overview
- Users
- API Keys
- Group Membership
- Roles
- Credential Report
- VPCs
- Subnets
- Network ACLs
- Network Interfaces
- Instances
- Security Groups
- Volumes
- S3 Buckets
- S3 Bucket ACLs
- RDS
- CloudWatch
Actionable Alerts
- Amazon Web Services | Auditing and Logging Not Activated
- Amazon Web Services | Exposure to Accounts Due to Lack of Strong Authentication
- Amazon Web Services | RDS Instance Recoverable Backup Older Than 15 Days
- Amazon Web Services | Schedule AWS Maintenance or Other Events
- Amazon Web Services Inspector | Change to Buckets List
- Amazon Web Services Inspector | Change to Roles List
- Amazon Web Services Inspector | Change to VPCs List
- Amazon Web Services Inspector | Change to Subnet List
- Amazon Web Services Inspector | Change to Volume List
- Amazon Web Services Inspector | Change to NAT Gateways List
- Amazon Web Services Inspector | Change to Virtual MFA Devices List
- Amazon Web Services Inspector | Change to Security Groups List
- Amazon Web Services Inspector | Change to Network ACLs List
- Amazon Web Services Inspector | Change to IAM Enabled
- Amazon Web Services Inspector | Change to CloudTrails Enabled
- Amazon Web Services Inspector | Change to Strong Password Policy Enabled
- Amazon Web Services Inspector | Change to Root Access Keys Enabled
- Amazon Web Services Inspector | Change to Number of API Keys
Metrics
- Amazon Web Services: Publicly Accessible S3 Bucket Count
- Amazon Web Services: Users with API Keys List
- Amazon Web Services: API Keys Count
- Amazon Web Services: Running EC2 Instances
- Amazon Web Services: SystemInfo
- Amazon Web Services: Roles List
- Amazon Web Services: Users List
- Amazon Web Services: Availability Zones List
- Amazon Web Services: Groups List
- Amazon Web Services: Region List
- Amazon Web Services: Subnets List
- Amazon Web Services: S3 Buckets List
- Amazon Web Services: IAM Users Count
- Amazon Web Services: S3 Buckets Count
- Amazon Web Services: Security Groups Count
- Amazon Web Services: Running EC2 Instances List
- Amazon Web Services: Num IAM Users MFA Enabled
- Amazon Web Services: Root Account MFA Enabled
- Amazon Web Services: Running EC2 Instances Count
- Amazon Web Services: Bucket List
- Amazon Web Services: Role List
- Amazon Web Services: VPC List
- Amazon Web Services: Subnet List
- Amazon Web Services: Volume List
- Amazon Web Services: NAT Gateways List
- Amazon Web Services: Virtual MFA Devices List
- Amazon Web Services: Security Groups List
- Amazon Web Services: Network ACLs List
- Amazon Web Services: IAM Enabled
- Amazon Web Services: CloudTrails Enabled
- Amazon Web Services: Strong Password Policy Enabled
- Amazon Web Services: Root Access Keys
- Amazon Web Services: Users without MFA Enabled List 2
- Amazon Web Services: Users without MFA Enabled List
- Amazon Web Services: RDS Instances with Recoverable Backup Older Than 15 Days List
- Amazon Web Services: RDS Instances with Recoverable Backup Older Than 15 Days Count
- Amazon Web Services: EC2 Instances with Status Alerts List
- Amazon Web Services: EC2 Instances with Status Alerts Count
Azure
Summary
- Production Status: Production
- Description: Inspects a Microsoft Azure account, returning data including virtual machines, Azure AD users and groups, and network security groups.
- Documentation
- Inspector Category: Cloud
- Discovers: N/A
Data Views Information
Overview Data Table
- Users
- Groups
- Subscriptions
- ResourceGroups
- VirtualMachines
- VirtualNetworks
- Disks
- Subscriptions
- ResourceGroups
- VirtualMachines
- VirtualNetworks
Data Tab Headers
- Overview
- Users
- Groups
- Subscriptions
- Resource Groups
- Virtual Machines
- Virtual Networks
- Network Security Groups
Actionable Alerts
- Azure Inspector | Network Security Rules with Exposed Default RDP Port
- Azure Inspector | Network Security Rules with Default RDP Port
Metrics
- Azure: Virtual Machine Count
- Azure: Subnets List
- Azure: Disabled Accounts List
- Azure: Enabled Subscriptions Count
- Azure: SystemInfo
- Azure: Virtual Machines List
- Azure: Security Rules
- Azure: Active Users Email List
- Azure Inspector: Network Security Rules with Exposed Default RDP Port Count
- Azure Inspector: Network Security Rules with Exposed Default RDP Port List
- Azure Inspector: Network Security Rules with Default RDP Port Count
- Azure Inspector: Network Security Rules with Exposed Default RDP Port List II
Box.com
Summary
- Production Status: Production
- Description: Inspects a box.com account. This is an early release inspector which has not been tested on a production environment yet and may require assistance from the Liongard team to get working initially.
- Documentation
- Inspector Category: Cloud
- Discovers: N/A
Data Views Information
Overview Data Table
- Users
- Groups
- DevicePins
Data Tab Headers
- Overview
- Users
- Groups
- Device Pins
Actionable Alerts
Metrics
- Box: SystemInfo
Cisco Umbrella
Summary
- Production Status: Production
- Description: Inspects a Cisco Umbrella MSP account, landing child inspectors for each customer tenant. The child inspectors return data about permissions into the Umbrella tenant and protected clients.
- Documentation
- Inspector Category: Cloud
- Discovers: Cisco Umbrella
Data Views Information
Child Overview Data Table
- Total Users
- Total Roles
- Total Sites
- Total Networks
- Total Internal Networks
- Total Virtual Appliances
- Total Roaming Computers
- Roaming Computers (Off)
- Roaming Computers (Open)
- Roaming Computers (Encrypted)
- Roaming Computers (VA)
Child Data Tab Headers
- Overview
- Users
- Roles
- Networks
- Internal Networks
- Network Devices
- Virtual Appliances
- Roaming Computers
- Sites
- Policies
Actionable Alerts
Metrics
- Cisco Umbrella: Unverified Networks List
- Cisco Umbrella: Active Users Without MFA Count
- Cisco Umbrella: List of Devices
Cloudflare
Summary
- Production Status: Production
- Description: A dedicated inspector for Cloudflare, a web infrastructure and website security platform.
- Documentation
- Inspector Category: Cloud
- Discovers: Cloudflare, Internet Domain/DNS
Data Views Information
Parent Overview Data Table
- API Expiration
- Account's
- Total Accounts
- Accounts Without 2fa Enforced
- Total Zones
- Zones
Parent Data Tab Headers
- Overview
- Accounts
- Zones
- DNS Records
- Page Rules
- Settings
- Audit Logs
Child Overview Data Table
- API Expiration
- Account Name
- Enforced 2FA
- Access Approval Expiry
- Custom Nameserver By Default
- Created On
- Recent Logs
- Total Users
- Total Zones
- Zones
Child Data Tab Headers
- Overview
- Zones
- DNS Records
- Page Rules
- Settings
- Audit Logs
Actionable Alerts
- Cloudflare | One or More Account Members Do Not Have 2FA Enabled
- Cloudflare | The Number of Admin Members of One or More Accounts Has Changed
- Cloudflare | One or More Zones Are Configured to Using TLS v1/v2 Only
- Cloudflare | One or More Zones Were Flagged for Phishing
- Cloudflare | Cloudflare API Access Will Expire Within 15 Days
Metrics
- Cloudflare: Accounts Count
- Cloudflare: Total Members Count
- Cloudflare: Total Zones Count
- Cloudflare: Active Zones Count
- Cloudflare: Zones In Dev Mode Count
- Cloudflare: Zones In Dev Mode List
- Cloudflare: Zones With Phishing Detected Count
- Cloudflare: Zones With Phishing Detected List
- Cloudflare: Total DNS Records Count
- Cloudflare: Account Members Without 2FA Enabled Count
- Cloudflare: Account Members Without 2FA Enabled List
- Cloudflare: Account Admin Members Count
- Cloudflare: Account Admin Members List
- Cloudflare: Zones Using TLS v1/v2 Only Count
- Cloudflare: Zones Using TLS v1/v2 Only List
- Cloudflare: Zones Without Forced HTTPS List
- Cloudflare: Zones Without Forced HTTPS Count
- Cloudflare: Zones With Phishing Detected List II
- Cloudflare: Zones With Phishing Detected Count II
- Cloudflare: Account Members Without 2FA List
- Cloudflare: Account Members Without 2FA Count
- Cloudflare: Days Until API Access Expires
Dark Web Monitoring
Summary
- Production Status: Production
- Description: Inspects haveibeenpwned.com for the list of email addresses provided to identify customers that have been a part of a known data breach.
- Documentation
- Inspector Category: Cloud
- Discovers: N/A
Data Views Information
Overview Data Table
- Name
- Total Number of Breaches
- Total Users With Breaches
Data Tab Headers
- Overview
- Users
- Breaches
- Breach Details
Actionable Alerts
- Identity Monitoring Inspector | User Breach Identified
- Identity Monitoring Inspector | User Change Added/Removed/Modified
Metrics
- Identity Monitoring: Total Breaches Count
- Identity Monitoring: Users with Data Breaches Count
- Identity Monitoring: Breaches Summary
- Identity Monitoring: Email List
- Identity Monitoring: Breaches Summary with Data Classes
- Identity Monitoring: List of Users with Password Related Breaches
- Identity Monitoring: Count of Users with Password Related Breaches
- Identity Monitoring: List of Breaches [Power BI]
Dropbox
Summary
- Production Status: Production
- Description: This is an early release inspector which has not been tested on a production environment yet and may require assistance from the Liongard team to get working initially.
- Documentation
- Inspector Category: Cloud
- Discovers: N/A
Data Views Information
Overview Data Table
- Name
- Team ID
- Number of Licensed Users
- Number of Provisioned Users
- Shared Folder Join
- Shared Folder Member
- Shared Link Create
- Enterprise Mobility Management
- Microsoft Office Add-In
Data Tab Headers
- Overview
- Groups
- Folders
- Members
- Memberships
- Namespaces
- Storage
- Device Activity
- Member Activity
Actionable Alerts
Metrics
ESET Licensing
Summary
- Production Status: Production
- Description: A dedicated inspector for ESETs MSP Administrative Portal 2, which is a licensing management system for ESET MSP partners. ESET's MSP Portal allows for management and history of licenses across their customers.
- Documentation
- Inspector Category: Cloud
- Discovers: ESET Licensing
Data Views Information
Overview Data Table
- Company Name
- Type
- Status
- System Email
- Address
- Comments
- Tags
- VAT ID
- Trials Allowed
- Custom Identifier
Data Tab Headers
- Overview
- Users
- Licenses
- License History
Actionable Alerts
- ESET Licensing | Change to Privileged Users
- ESET Licensing | Change to License Usage Summary
- ESET Licensing | Licenses in a Error State
- ESET Licensing | Licenses in a Suspended State
- ESET Licensing | Licenses in a Warning State
- ESET Licensing | 30 Days until Trial License Expires
Metrics
- ESET Licensing: Count of Privileged Users
- ESET Licensing: List of Privileged Users
- ESET Licensing: Count of Active Users
- ESET Licensing: List of Active Users
- ESET Licensing: Total User Count Waiting for Activation/Activation Link Expired
- ESET Licensing: Total User List Waiting for Activation/Activation Link Expired
- ESET Licensing: License Usage Summary
- ESET Licensing: Count of Licenses in an Error State
- ESET Licensing: List of Licenses in an Error State
- ESET Licensing: Count of Licenses in a Suspended State
- ESET Licensing: List of Licenses in a Suspended State
- ESET Licensing: Count of Licenses in a Warning State
- ESET Licensing: List of Licenses in a Warning State
- ESET Licensing: Count of Trial Licenses Expiring in 30 days
- ESET Licensing: List of Trial Licenses Expiring in 30 days
GoDaddy
Summary
- Production Status: Beta
- Description: Inspects a godaddy account.
- Documentation
- Inspector Category: Cloud
- Discovers: Internet Domain/DNS
Data Views Information
Overview Data Table
- Total Active Domains
- Active Domains
- Total Domains
- Total Orders
- Total Subscriptions
Data Tab Headers
- Overview
- Domains
- Subscriptions
- Orders
Actionable Alerts
Metrics
Google Drive
Summary
- Production Status: Production
- Description: A dedicated inspector for Google Drive, a file storage and synchronization service developed by Google
- Documentation
- Inspector Category: Cloud
- Discovers: Google Drive
Data Views Information
Overview Data Table
- Domain(s)
- Total Users
- Total Groups
- Total Shared Drives
- Total Top-Level Folders
- Total Shared Top-Level Folders
- Can Be Edited
- Can Be Read
- Can Be Commented-On
Data Tab Headers
- Overview
- Users
- Groups
- Top-Level Folders
- Shared Drives
Actionable Alerts
- Google Drive | Change to Top-Level Folders Accessible To Internet (Can Be Edited)
- Google Drive | Change to Top-Level Folders Accessible To Internet (Can Be Read)
Metrics
- Google Drive: Users List
- Google Drive: Shared Drives Summary
- Google Drive: Shared Drives List
- Google Drive: Top-Level Folders Accessible To Internet (Can Be Edited)
- Google Drive: Top-Level Folders Accessible To Internet (Can Be Read)
- Google Drive: Top-Level Folders Accessible To Internet (Can Be Commented-On)
Google Workspace
Summary
- Production Status: Production
- Description: Inspects a Google Workspace account, bringing back information about users, groups, organizational units, and more.
- Documentation
- Inspector Category: Cloud
- Discovers: Google Workspace
Data Views Information
Parent Overview Data Table
- Domain(s)
- Total Active User(s)
- Total Privileged User(s)
- Super Administrator User(s)
- Total Suspended User(s)
- Total Archived User(s)
- Total User(s) Enrolled in 2-Step Verification
- Total User(s) Not Enrolled in 2-Step Verification
- Total Delegated Admin(s)
Parent Data Tab Headers
- Overview
- Licensing
- Users
- Groups
- Domains
- Organizational Units
- Roles
- Role Assignments
- Privileges
- Devices
- Resource Calendars
- Subscriptions
- Customers
Child Overview Data Table
- Domain(s)
- Total Active User(s)
- Total Privileged User(s)
- Super Administrator User(s)
- Total Suspended User(s)
- Total Archived User(s)
- Total User(s) Enrolled in 2-Step Verification
- Total User(s) Not Enrolled in 2-Step Verification
- Total Delegated Admin(s)
Child Data Tab Headers
- Overview
- Licensing
- Users
- Groups
- Domains
- Organizational Units
- Roles
- Role Assignments
- Privileges
- Devices
- Resource Calendars
Actionable Alerts
- Google Workspace Inspector | Roles Added/Removed/Modified
- Google Workspace Inspector | Active Users Added/Removed/Modified
- Google Workspace Inspector | Groups Added/Removed/Modified
- Google Workspace Inspector | Domains Added/Removed/Modified
- Google Workspace Inspector | Privileges Added/Removed/Modified
- Google Workspace Inspector | Mobile Devices Added/Removed/Modified
- Google Workspace Inspector | Subscription License Count Modified
- Google Workspace Inspector | Resource Calendar Added/Removed/Modified
- Google Workspace Inspector | Organizational Units Added/Removed/Modified
- Google Workspace Inspector | MFA Not Enabled on Enforced Account
- Google Workspace Inspector | Stale User Accounts
- Google Workspace Inspector | Non-Admin Created Groups
Metrics
- Google G Suite: User Count
- Google G Suite: User List
- Google G Suite: Admin User Count
- Google G Suite: Admin User List
- Google G Suite: Mobile Device Count
- Google G Suite: Users With MFA Enforced Count
- Google G Suite: Users With MFA Enforced List
- Google G Suite: Users Without MFA Enforced Count
- Google G Suite: Users Without MFA Enforced List
- Google G Suite: Users With MFA Enrolled Count
- Google G Suite: Users With MFA Enrolled List
- Google G Suite: Users Without MFA Enrolled Count
- Google G Suite: Users Without MFA Enrolled List
- Google G Suite: Non-Free or Trial Subscription Count
- Google G Suite: Non-Free or Trial Subscription List
- Google G Suite: Role Summary
- Google G Suite: Active Users Email List
- Google G Suite: Active Users Count
- Google G Suite: Active User Summary
- Google G Suite: Group Summary
- Google G Suite: Domain Summary
- Google G Suite: Privilege Summary
- Google G Suite: Mobile Device Summary
- Google G Suite: Subscription License Summary
- Google G Suite: Resource Calendar Summary
- Google G Suite: Organizational Unit Summary
- Google G Suite Inspector: Accounts with MFA Enforced but Not Enabled List
- Google G Suite Inspector: Accounts with MFA Enforced but Not Enabled Count
- Google G Suite Inspector: Stale User Accounts List
- Google G Suite Inspector: Stale User Accounts Count
- Google G Suite Inspector: Non-Admin Created Groups List
- Google G Suite Inspector: Non-Admin Created Groups Count
Internet Domain/DNS
Summary
- Production Status: Production
- Description: Inspects a public Internet domain, returning a wide variety of data including DNS records with MX information, registration, and expiration data.
- Documentation
- Inspector Category: Cloud
- Discovers: TLS/SSL
Data Views Information
Overview Data Table
- Domain Name
- Domain Registrar
- Domain Created On
- Domain Updated On
- Domain Expires On
- Domain Registrant
- Domain Admin
- Domain Tech
- DNS Hosting Vendor
- DNS Hosting Region
- Domain Name Servers
- DNS A Record
- DNS Protection (DNSSEC)
- Website Detected
- Website URL
- Website Title
- Website Hosting
- Website Region
- Website TLS/SSL
- Email Detected
- Email - MX (Mail) Record
- Email Hosting Vendors
- Email Hosting IP Addresses
- Email Hosting Region
- Approved Email Senders (SPF)
- Domain-based Message Auth, Reporting & Conformance (DMARC)
Data Tab Headers
- Overview
- DNS
Actionable Alerts
- Internet Domain | DNS Poisoning Exposure
- Internet Domain | Email Forgery Exposure
- Internet Domain | Email Forgery Exposure from Rogue Source
- Internet Domain | Email Forgery Exposure from Unmatched Source
- Internet Domain | Expiration
- Internet Domain | Web Traffic Exposure to Sniffing and Lack of Website Validation
- Internet Domain | Change to NS Record
- Internet Domain | Change to MX Record
- Internet Domain | Change to SPF Record
- Internet Domain | Change to A Record
- Internet Domain | Registrant Contact Details Modified
- Internet Domain | Admin Contact Details Modified
- Internet Domain | DNSSEC Records Modified
- Internet Domain/DNS Inspector | Change to SRV Record
- Internet Domain/DNS Inspector | Non-Valid DMARC Record Detected
- Internet Domain/DNS Inspector | Non-Valid DKIM Record Detected
- Internet Domain/DNS Inspector | Non-Valid SPF Record Detected
- Internet Domain/DNS Inspector | Missing SPF Record
- Internet Domain/DNS Inspector | Missing DMARC Record
- Internet Domain/DNS Inspector | Missing DKIM Record
Metrics
- Internet Domain/DNS: Days Until Expiration
- Internet Domain/DNS: Registrar
- Internet Domain/DNS: MX Records
- Internet Domain/DNS: SPF & DMARC Records Both Present
- Internet Domain/DNS: SystemInfo
- Internet Domain/DNS: DNS NS Record List
- Internet Domain/DNS: DNS MX Record List
- Internet Domain/DNS: DNS A Record Summary
- Internet Domain/DNS: DNS Start of Authority
- Internet Domain/DNS: DNS TTLs
- Internet Domain/DNS: DNSSEC
- Internet Domain/DNS: SPF Records
- Internet Domain/DNS: NS Record Summary
- Internet Domain/DNS: MX Record Summary
- Internet Domain/DNS: Domain Modified Time
- Internet Domain/DNS: Registrant Contact
- Internet Domain/DNS: Admin Contact
- Internet Domain/DNS: DNSSEC Record Summary
- Internet Domain/DNS: SRV Record Summary
- Internet Domain/DNS: SSL Certificate Names Match
- Internet Domain/DNS: Days Until Domain Expiration
- Internet Domain/DNS: Days Until SSL Certificate Expiration
- Internet Domain/DNS: SSL Certificate Ciphers Supported List
- Internet Domain/DNS: Certificate Has SHA1 in Chain
- Internet Domain/DNS: DNSSEC Records Count
- Internet Domain/DNS: DMARC Exists on Domain
- Internet Domain/DNS: DKIM Found on Domain
- Internet Domain/DNS: SPF Exists on Domain
- Internet Domain/DNS: SPF all Statement Exists on Domain
- Internet Domain/DNS: Expiration Date
- Internet Domain/DNS: SSL Certificate Exists
- Internet Domain/DNS: DMARC Single Record Verification
- Internet Domain/DNS: DMARC External Domains Reporting Permission Check
- Internet Domain/DNS: DMARC Record Syntax Validation
- Internet Domain/DNS: DMARC Record Presence Verification
- Internet Domain/DNS: DMARC Quarantine/Reject Policy Validation
- Internet Domain/DNS: DMARC Policy Validation
- Internet Domain/DNS: DKIM Public Key Verification
- Internet Domain/DNS: DKIM Syntax Validation
- Internet Domain/DNS: DKIM Record Validation
- Internet Domain/DNS: SPF Record Validation
- Internet Domain/DNS: SPF Lookup Count Validation
- Internet Domain/DNS: SPF Record Presence Verification
- Internet Domain/DNS: SPF Record Uniqueness Verification
- Internet Domain/DNS: SPF Post-All Mechanism Validation
- Internet Domain/DNS: SPF Record Syntax Validation
- Internet Domain/DNS: SPF Void Lookup Limit Verification
- Internet Domain/DNS: SPF A & AAAA Records Limit Check
- Internet Domain/DNS: SPF A & AAAA Records Limit Check
JumpCloud
Summary
- Production Status: Production
- Description: A dedicated inspector for the JumpCloud platform which is an Azure AD alternative with user management, Web App SSO, Cloud LDAP, SaaS RADIUS, GPO-like policies for Mac, Linux, and Windows.
- Documentation
- Inspector Category: Cloud
- Discovers: JumpCloud
Data Views Information
Parent Overview Data Table
- Total Organizations
- Total Directories
- Total Users
- Total Systems
- displayName
- created
- hasStripeCustomerId
- systemInsights
- systemUserPasswordExpirationInDays
- passwordCompliance
- pendingDelete
- enableO365
Parent Data Tab Headers
- Overview
Child Overview Data Table
- Total Organizations
- Total Directories
- Total Users
- Total Systems
- displayName
- created
- hasStripeCustomerId
- systemInsights
- systemUserPasswordExpirationInDays
- passwordCompliance
- pendingDelete
- enableO365
Child Data Tab Headers
- Overview
- Users
- Groups
- Directories
- Systems
- Commands
- Applications
- Policies
- Apple MDM
Actionable Alerts
- JumpCloud | Change to Locked User Accounts
- JumpCloud | Change to Systems with Failed Policies
- JumpCloud | Change to Systems with Failed Commands
Metrics
- JumpCloud: Systems with Failed Policies List
- JumpCloud: Systems with Failed Commands List
- JumpCloud: Systems with Failed Policies Count
- JumpCloud: Systems with Failed Commands Count
- JumpCloud: Locked User Accounts Count
- JumpCloud: User Accounts with No Password Expiration Count
- JumpCloud: Locked User Accounts List
KnowBe4
Summary
- Production Status: Production
- Description: A dedicated inspector for KnowBe4, a security awareness training platform.
- Documentation
- Inspector Category: Cloud
- Discovers: N/A
Data Views Information
Overview Data Table
- Name
- Type
- Subscription Level
- Subscription End Date
- Admins
- Number of Seats
- Current Risk Score
- Total Users
- Total Groups
- Total Campaigns
- Total Phishing Tests
- Active Campaigns
Data Tab Headers
- Overview
- Users
- Groups
- Campaigns
- Phishing Tests
- Training
Actionable Alerts
- KnowBe4 | One Or More Users Have Past Due Training Items
Metrics
- KnowBe4: Average User Risk Score
- KnowBe4: Highest Risk User
- KnowBe4: Closed Campaigns Phishing Prone Percentages List
- KnowBe4: Active Campaigns Phishing Prone Percentages List
- KnowBe4: Active Campaign with the Highest Phish Prone Percentage
- KnowBe4: Historical Campaign with the Highest Phish Prone Percentage
- KnowBe4: Active Campaigns - Days Since Last Run List
- KnowBe4: Users Count
- KnowBe4: Campaigns Count
- KnowBe4: Active Campaigns List
- KnowBe4: Total Number of Seats
- KnowBe4: Current Risk Score
- KnowBe4: Active Campaigns With Bounces List
- KnowBe4: Active Campaigns With Bounces Count
- KnowBe4: Average Training Completion Time
- KnowBe4: Training Enrollments With a Score of Under 85 List
- KnowBe4: Past Due Training Enrollments List
- KnowBe4: Past Due Training Enrollments Count
Microsoft 365
Summary
- Production Status: Production
- Description: Inspects the suite of Microsoft Cloud Service Products including Microsoft 365, Azure Active Directory, OneDrive, Teams, and Sharepoint using Microsoft Graph API, returning a wide variety of data including licensing, users, groups, mail routing, and actionable summary information such as security policies and unused license counts.
- Documentation
- Inspector Category: Cloud
- Discovers: Microsoft 365
Data Views Information
Parent Overview Data Table
- Company Name
- Email Domain (Default)
- Email Domain (Initial)
- Domains
- Address
- Tenant Secure Score vs. Maximum Secure Score
- Total Active Users
- Total Privileged Users
- Privileged Users
- Total Disabled Users
- Total Licensed Users
- Total Unlicensed Users
- Total Assigned Licenses
- Assigned Licenses Summary
- Details about Syncing: Organization Name, Directory Sync Enabled, Directory Last Sync Date
Parent Data Tab Headers
- Overview
- Licensing
- Users
- Roles
- Groups
- Mailboxes
- Secure Score
- Domains
- Organization
- Applications
- Service Principals
- Sites
- Contracts
Child Overview Data Table
- Microsoft Entra ID
- Total Users
- Total Enabled Users
- Total licensed Users
- Total Guest Users
- Total Microsoft 365 Groups
- Total Security Groups
- Total Mail-Enabled Security Groups
- Total Distribution Groups
- Total Licensed Products
- Total Global Admins
- Security
- Total Users with MFA Registered
- Total Risky Users
- Security Defaults (Enabled or Disabled)
- Exchange Online
- Total Mailboxes
- Total Inactive Mailboxes Last 7/30/180 Days
Child Data Tab Headers
- Overview
- Licensing
- Users
- Groups
- Exchange Online
- Security
- Devices
- Applications
- Intune
- Teams
- Sharepoint
- OneDrive
Actionable Alerts
- Azure Active Directory | High Level and At Risk User Identified
- Azure Active Directory | Medium Level and At Risk User Identified
- Azure Active Directory | Application Sign-in Success has dropped below 60%
- Azure Active Directory | Changes to Managed App Policies Assignment
- Azure Active Directory | Change to Conditional Access Policy State
- Azure Active Directory | Change to Security Defaults Enable Status
- Microsoft 365 | Exposure to Privileged Account(s) Due to Lack of Strong Authentication
- Microsoft 365 | Serious Exposure to Privileged Account(s) Due to Overuse
- Microsoft 365 | Exposure to Account(s) With Weak Password
- Microsoft 365 | Multiple Unassigned Microsoft 365 Licenses
- Microsoft 365 | Exposure to User Account(s) Due to Lack of Strong Authentication
- Microsoft 365 | Exposure to Suspicious Sign-Ins
- Microsoft 365 | Users with Risk Policy Disabled
- Microsoft 365 | Exposure to Stale or Disused User Accounts
- Microsoft 365 | Change to Enabled Users
- Microsoft 365 | Change to Active Mail Users
- Microsoft 365 | Change to Privileged Users
- Microsoft 365 | Change to License Summary Info
- Microsoft 365 | Change to Directory Sync Enablement
- Microsoft 365 | Active Roles Added/Removed
- Microsoft 365 | Groups Added/Removed
- Microsoft 365 | Multiple Unassigned Azure Directory Service Licenses
- Microsoft 365 | Multiple Unassigned Dynamics 365 Licenses
- Microsoft 365 | Multiple Unassigned Enterprise Mobility + Security Licenses
- Microsoft 365 | Multiple Unassigned Exchange Online Licenses
- Microsoft 365 | Multiple Unassigned Microsoft 365, Dynamics CRM and Intune Licenses
- Microsoft 365 | Multiple Unassigned One Drive Licenses
- Microsoft 365 | Multiple Unassigned Power BI Licenses
- Microsoft 365 | Multiple Unassigned Project Licenses
- Microsoft 365 | Multiple Unassigned Sharepoint and Skype for Business Licenses
- Microsoft 365 | Multiple Unassigned Visio Licenses
- Microsoft 365 | Multiple Unassigned Windows 10 Enterprise E3 Licenses
- Microsoft 365 | External Forwarding Rule Added/Removed/Modified
- Microsoft 365 | Internal Forwarding Rule Added/Removed/Modified
- Microsoft 365 | Disabled Users with Licenses
- Microsoft 365 | Users Exceeding Mailbox Issue Warning Quota
- Microsoft 365 | Prepaid Licenses In A Warning State
- Microsoft 365 | Hours Since Last Directory Sync >=24
- Microsoft Teams | Teams Added/Removed/Modified
- Microsoft Teams | Channels Added/Removed/Modified
- Microsoft Teams | User Teams Membership Added/Removed/Modified
Metrics
- Azure Active Directory: Group List
- Azure Active Directory: Conditional Access Policies List
- Azure Active Directory: Active Guest User List
- Azure Active Directory: Active Members User List
- Azure Active Directory: Active Users Count
- Azure Active Directory: Users Identified as High and At Risk Count
- Azure Active Directory: Users Identified as Medium and At Risk Count
- Azure Active Directory: Users Identified as High and At Risk List
- Azure Active Directory: Users Identified as Medium and At Risk List
- Azure Active Directory: Security Defaults Enabled Status
- Azure Active Directory: Report List of Sign-ins from outside the US
- Azure Active Directory: Sign-in Report List
- Azure Active Directory: Non-Compliant Device List
- Azure Active Directory: Non-Compliant Device Count
- Azure Active Directory: Unencrypted Device List
- Azure Active Directory: Unencrypted Device Count
- Azure Active Directory: Users not registered for MFA Count
- Azure Active Directory: Users not registered for MFA List
- Azure Active Directory: Enabled Administrative Roles List
- Azure Active Directory: Assigned App Policies List
- Azure Active Directory: Applications with Sign-in Percentage less than 60% Count
- Azure Active Directory: Applications with Sign-in Percentage less than 60% List
- Azure Active Directory: Devices with Unknown Compliance Count
- Azure Active Directory: Total Devices Not Enrolled Count
- Azure Active Directory: Organizations With Directory Sync Enabled And >= 1 Day Since Last Sync List
- Azure Active Directory: Devices List [Power BI]
- Azure Active Directory: Computers Details [PowerBI]
- Azure Active Directory: Mailnicknames for Active Users List [Power BI]
- Azure Active Directory: Users and Assigned Groups List [Power BI]
- Microsoft OneDrive: Total Users Count
- Microsoft OneDrive: Total Groups Count
- Microsoft OneDrive: Total Drives Count
- Microsoft OneDrive: Directory Quota Used
- Microsoft OneDrive: Directory Quota Limit
- Microsoft OneDrive: Directory Quota Summary
- Microsoft OneDrive: Largest Drive Size and Owner
- Microsoft OneDrive: Average Drive Contents Size
- Microsoft OneDrive: Total Size of All Drives
- Microsoft SharePoint: Total Lists Count
- Microsoft SharePoint: Total Drives Count
- Microsoft SharePoint: Total Sites Count
- Microsoft SharePoint: Total Pages Count
- Microsoft SharePoint: Drives with Under 5GB Remaining in Quota List
- Microsoft SharePoint: Drives with Under 5GB Remaining in Quota Count
- Microsoft Teams: Teams Summary
- Microsoft Teams: Channel Summary
- Microsoft Teams: User Team Summary
- Microsoft Teams: Count of Private Teams
- Microsoft Teams: List of Private Teams
- Microsoft Teams: Count of Privileged Users
- Microsoft Teams: List of Privileged Users
- Microsoft Teams: Count of Archived Teams
- Microsoft Teams: List of Archived Teams
- Office 365: Associated Domains
- Office 365: Active Users Email List
- Office 365: Privileged Users Count
- Office 365: Licenses Consumed Count - Enterprise E3
- Office 365: Licenses Consumed Count - Enterprise E5
- Office 365: Licenses Consumed Count - Enterprise Mobility + Security E5
- Office 365: Unlicensed User Count
- Office 365: Licensed User Count
- Office 365: Assigned License Summary
- Office 365: Assigned License Count
- Office 365: Disabled User Count
- Office 365: Active User Count
- Office 365: Licenses Consumed Count - Exchange Online (Plan 1)
- Office 365: Licenses Consumed Count - Free Flow
- Office 365: Licenses Consumed Count - Microsoft 365 Business Basic
- Office 365: Licenses Consumed Count - Microsoft 365 Business Standard
- Office 365: Licenses Consumed Count - Microsoft 365 Apps for Enterprise
- Office 365: Licenses Consumed Count - Power BI (Free)
- Office 365: Licenses Consumed Count - Power BI Pro
- Office 365: Licenses Consumed Count - Visio Pro for Office 365
- Office 365: Mailbox Rules with Errors Count
- Office 365: Mailbox Rules with Errors List
- Office 365: Mailbox Rules Count
- Office 365: Office 365 E3 Active Licenses Count
- Office 365: Office 365 E3 Assigned Licenses Count
- Office 365: Office 365 E5 Active Licenses Count
- Office 365: Office 365 E5 Assigned Licenses Count
- Office 365: Enterprise Mobility + Security E3 Active Licenses Count
- Office 365: Enterprise Mobility + Security E3 Assigned Licenses Count
- Office 365: Enterprise Mobility + Security E5 Active Licenses Count
- Office 365: Enterprise Mobility + Security E5 Assigned Licenses Count
- Office 365: Exchange Online (Plan 1) Active Licenses Count
- Office 365: Exchange Online (Plan 1) Assigned Licenses Count
- Office 365: Exchange Online (Plan 2) Active Licenses Count
- Office 365: Exchange Online (Plan 2) Assigned Licenses Count
- Office 365: Office 365 F1 Active Licenses Count
- Office 365: Office 365 F1 Assigned Licenses Count
- Office 365: Microsoft 365 Apps for Enterprise Active Licenses Count
- Office 365: Microsoft 365 Apps for Enterprise Assigned Licenses Count
- Office 365: Microsoft 365 Business Basic Active Licenses Count
- Office 365: Microsoft 365 Business Basic Assigned Licenses Count
- Office 365: Microsoft 365 Apps for Business Active Licenses Count
- Office 365: Microsoft 365 Apps for Business Assigned Licenses Count
- Office 365: Microsoft 365 Business Standard Active Licenses Count
- Office 365: Microsoft 365 Business Standard Assigned Licenses Count
- Office 365: Office 365 Small Business Active Licenses Count
- Office 365: Office 365 Small Business Assigned Licenses Count
- Office 365: Office 365 Small Business Premium Active Licenses Count
- Office 365: Office 365 Small Business Premium Assigned Licenses Count
- Office 365: Office 365 Enterprise E2 Active Licenses Count
- Office 365: Office 365 Enterprise E2 Assigned Licenses Count
- Office 365: Office 365 Enterprise E1 Active Licenses Count
- Office 365: Office 365 Enterprise E1 Assigned Licenses Count
- Office 365: SystemInfo Overview
- Office 365: Users List
- Office 365: Privileged Users List
- Office 365: Role Members
- Office 365: Apps List
- Office 365: Group Members
- Office 365: Groups List
- Office 365: Domains List
- Office 365: Licenses
- Office 365: Active User Summary
- Office 365: Active Mail User Summary
- Office 365: Privileged User Summary
- Office 365: Directory Sync Enabled
- Office 365: Company Name
- Office 365: Active Roles List
- Office 365: External Forwarding Rule Summary
- Office 365: Internal Forwarding Rule Summary
- Office 365: Admin Users with MFA Disabled Count
- Office 365: Privileged Users with Overuse Count
- Office 365: Privileged Users with Overuse List
- Office 365: Accounts with Weak Passwords List
- Office 365: Accounts with Weak Passwords Count
- Office 365: Unassigned SMB and Enterprise License Summary
- Office 365: Unassigned SMB and Enterprise License Count
- Office 365: Non-Admin Users with MFA Disabled Count
- Office 365: Users with Sign-In Risk Policy Disabled Count
- Office 365: Users with Risk Policy Disabled Count
- Office 365: Stale or Disused User Accounts List
- Office 365: Stale or Disused User Accounts Count
- Office 365: Unassigned Azure Directory License Summary
- Office 365: Unassigned Azure Directory License Count
- Office 365: Unassigned Dynamics 365 License Summary
- Office 365: Unassigned Dynamics 365 License Count
- Office 365: Unassigned Enterprise Mobility + Security License Summary
- Office 365: Unassigned Enterprise Mobility + Security License Count
- Office 365: Enabled Accounts Count
- Office 365: Unassigned Exchange Online License Summary
- Office 365: Unassigned Exchange Online License Count
- Office 365: Unassigned Microsoft 365, Dynamics CRM and Intune License Summary
- Office 365: Unassigned Microsoft 365, Dynamics CRM and Intune License Count
- Office 365: Unassigned OneDrive License Summary
- Office 365: Unassigned OneDrive License Count
- Office 365: Unassigned Power BI License Summary
- Office 365: Unassigned Power BI License Count
- Office 365: Unassigned Project License Summary
- Office 365: Unassigned Project License Count
- Office 365: Unassigned Sharepoint and Skype for Business License Summary
- Office 365: Unassigned Sharepoint and Skype for Business License Count
- Office 365: Unassigned Visio License Summary
- Office 365: Unassigned Visio License Count
- Office 365: Unassigned Windows 10 Enterprise E3 License Summary
- Office 365: Unassigned Windows 10 Enterprise E3 License Count
- Office 365: Disabled Users with Licenses List
- Office 365: Disabled Users with Licenses Count
- Office 365: Microsoft 365 Business Premium Active License Count
- Office 365: Microsoft 365 Business Premium Assigned License Count
- Office 365: Mailbox Storage Exceeding Quota Count
- Office 365: Mailbox Storage Exceeding Quota List
- Office 365: Active User
- Office 365: Privileged Users
- Office 365: List of user accounts with Exchange License
- Office 365: Licensed User Summary
- Office 365: Stale and Licensed Users
- Microsoft 365: Prepaid Licenses In Warning State List
- Microsoft 365: Prepaid Licenses In Warning State Count
- Microsoft 365: Users w/ Associated Licenses
- Microsoft 365: Hours Since Last Directory Sync >=24
- Microsoft 365: License Summary [Power BI]
- Microsoft 365: Users [Power BI]
- Microsoft 365: System Info [Power BI]
- Microsoft 365: MailNicknames [Power BI]
- Microsoft 365: Users Search List [Power BI]
OneLogin
Summary
- Production Status: Production
- Description: A dedicated inspector for OneLogin, a cloud identity and access management solution.
- Documentation
- Inspector Category: Cloud
- Discovers: N/A
Data Views Information
Overview Data Table
- Total Applications
- Total Users
- Total Active Users
- Never Logged In
- Unactivated
- Suspended
- Locked
- Password Expired
- Awaiting Password Reset
- Password Pending
- Needs To Set Security Questions
Data Tab Headers
- Overview
- Users
- Groups & User Mappings
- Roles
- Apps
Actionable Alerts
- OneLogin | Change to Active Users
- OneLogin | Locked User(s)
Metrics
- OneLogin: User Summary
- OneLogin: Application Summary
- OneLogin: Active Users List
- OneLogin: Active Users Count
- OneLogin: Never Logged In Users List
- OneLogin: Never Logged In Users Count
- OneLogin: Unactivated Users List
- OneLogin: Unactivated Users Count
- OneLogin: Suspended Users List
- OneLogin: Suspended Users Count
- OneLogin: Locked Users List
- OneLogin: Locked Users Count
- OneLogin: Users With Expired Password List
- OneLogin: Users With Expired Password Count
Roar
Summary
- Production Status: Beta
- Description: Inspects an instance of Roar for health, status, and current metrics.
- Documentation
- Inspector Category: Cloud
- Discovers: N/A
Data Views Information
Overview Data Table
- Users
- Groups
- Agents
- Events
- Environments
- Inspectors
- Launchpoints
- Integrations
Data Tab Headers
- Overview
- Users
- Groups
- Agents
- Events
- Environments
- Integrations
- Launchpoints
- Launchpoints Health
- Integration Mappings
- Billable
Actionable Alerts
- Roar | Failed SonicWall Launchpoint(s)
- Roar | No Agent Heartbeat Within Last 24 Hours
- Roar | Failed AWS Inspector(s)
- Roar | Failed Domain Inspector(s)
- Roar | Failed Cisco Meraki Inspector(s)
- Roar | Failed Dark Web Monitoring Inspector(s)
- Roar | Failed Microsoft 365 Inspector(s)
- Roar | Failed Connectwise Inspector(s)
- Roar | Failed SQL Server Inspector(s)
- Roar | Failed Azure Inspector(s)
- Roar | Failed Active Directory Inspector(s)
- Roar | Failed Webroot Inspector(s)
- Roar | Failed SSL Inspector(s)
- Roar | Failed Network IP Inspector(s)
- Roar | Failed Cisco ASA Inspector(s)
- Roar | Failed GoDaddy Inspector(s)
- Roar | Failed Windows Server Inspector(s)
- Roar | Failed IT Glue Inspector(s)
- Roar | Failed OneLogin Inspector(s)
- Roar | Failed Sophos XG Inspector(s)
- Roar | Failed Watchguard Inspector(s)
- Roar | Failed Cisco IOS Inspector(s)
- Roar | Failed Cisco Umbrella Inspector(s)
- Roar | Failed Fortinet Fortigate Inspector(s)
- Roar | Failed Dropbox Inspector(s)
- Roar | Failed Veeam Availability Console Inspector(s)
- Roar | Failed Connectwise Automate Inspector(s)
- Roar | Failed pfSense Inspector(s)
- Roar | Failed Datto BCDR Inspector(s)
- Roar | Failed Hyper-V Inspector(s)
- Roar | Failed Ubiquiti UniFi Inspector(s)
- Roar | Failed Network Discovery Inspector(s)
- Roar | Failed Sophos SG Inspector(s)
- Roar | Failed Autotask Inspector(s)
- Roar | Failed StorageCraft SPX Inspector(s)
- Roar | Failed Duo Security Inspector(s)
- Roar | Failed Kaseya VSA Inspector(s)
- Roar | Failed Watchman Monitoring Inspector(s)
- Roar | Failed Addigy Inspector(s)
- Roar | Failed Linux Inspector(s)
- Roar | Failed Bitdefender GravityZone Inspector(s)
- Roar | Failed VMware vSphere Inspector(s)
- Roar | Failed VMware ESXI Inspector(s)
- Roar | Failed Google Workspace Inspector(s)
- Roar | Failed Auvik Inspector(s)
- Roar | Failed HP ProCurve Inspector(s)
- Roar | Failed Synology NAS Inspector(s)
- Roar | Failed Sophos Central Inspector(s)
- Roar | Failed Slack Inspector(s)
- Roar | Failed JumpCloud Inspector(s)
- Roar | Failed ESET Inspector(s)
- Roar | Failed SentinelOne Inspector(s)
- Roar | Failed Solarwinds N Central Inspector(s)
- Roar | Failed Ninja RMM Inspector(s)
- Roar | Failed Datto RMM Inspector(s)
- Roar | Failed Veeam SPC Inspector(s)
- Roar | Failed Cove Data Protection Inspector(s)
- Roar | Failed Cisco SBS Inspector(s)
- Roar | Failed Datto Networking Inspector(s)
- Roar | Failed Google Drive Inspector(s)
- Roar | Failed KnowBe4 Inspector(s)
- Roar | Failed Cloudflare Inspector(s)
- Roar | Failed Kaseya BMS Inspector(s)
- Roar | Failed 3cx Inspector(s)
- Roar | Failed Syncro Inspector(s)
- Roar | Failed N-able RMM Inspector(s)
- Roar | Failed Domotz Inspector(s)
- Roar | Failed Managed Printer Inspector(s)
- Roar | Failed Windows Workstation Inspector(s)
- Roar | Failed Vade Inspector(s)
- Roar | Failed Acronis Cyber Cloud Inspector(s)
- Roar | Failed HaloPSA Inspector(s)
- Roar | Failed Sonicwall Capture Client Inspector(s)
- Roar | Failed macOS Inspector(s)
- Roar | No Agent Heartbeat Within Last 24 Hours
- Roar | Failed SonicWall Inspector(s)
Metrics
- Roar: SystemInfo
- Roar: Failed SonicWall Launchpoint(s) List
- Roar: Failed SonicWall Launchpoint(s) Count
- Roar: Agents Without Heartbeat in Last 24 Hours List
- Roar: Agents Without Heartbeat in Last 24 Hours Count
- Roar Inspector: Billable Environment with over 10 Endpoint Inspectors
- Roar Inspector: List of Failed Launchpoints (Inspectors)
- Roar Inspector: List of Agents not Checking In
- Roar: Agents Without a Heartbeat in over 24 Hours Count
- Roar: Agents Without a Heartbeat in over 24 Hours
- Roar: Number of Inspectors per Inspector Type
- Roar: Count of Inspectors
- Roar: Count of Agents
- Roar: Count of Users
- Roar: Count of Discovered Inspectors
- Roar: Number of Failed Inspectors per Inspector Type
- Roar: Number of Setup Issue Inspectors per Inspector Type
- Roar: Users without MFA
- Roar: Global Admins Count
- Roar: Global Admins
- Roar: List of Users [Power BI]
- Roar Inspector: Discovered Inspectors [Power BI]
- Roar: Inspector statuses [Power BI]
- Roar Inspector macOS Inspector List
- Roar Inspector: Failed macOS Inspector Count
- Roar Inspector Sonicwall Capture Client List
- Roar Inspector: Failed Sonicwall Capture Client Count
- Roar Inspector HaloPSA List
- Roar Inspector: Failed HaloPSA Count
- Roar Inspector Acronis Cyber Cloud Inspector List
- Roar Inspector: Failed Acronis Cyber Cloud Inspector Count
- Roar Inspector Vade Inspector List
- Roar Inspector: Failed Vade Inspector Count
- Roar Inspector Windows Workstation Inspector List
- Roar Inspector: Failed Windows Workstation Inspector Count
- Roar Inspector Managed Printer Inspector List
- Roar Inspector: Failed Managed Printer Inspector Count
- Roar Inspector Domotz Inspector List
- Roar Inspector: Failed Domotz Inspector Count
- Roar Inspector Nable Rmm Inspector List
- Roar Inspector: Failed Nable Rmm Inspector Count
- Roar Inspector Syncro Inspector List
- Roar Inspector: Failed Syncro Inspector Count
- Roar Inspector 3cx Inspector List
- Roar Inspector: Failed 3cx Inspector Count
- Roar Inspector Ms Onedrive Inspector List
- Roar Inspector: Failed Ms Onedrive Inspector Count
- Roar Inspector Kaseya BMS Inspector List
- Roar Inspector: Failed Kaseya BMS Inspector Count
- Roar Inspector Cloudflare Inspector List
- Roar Inspector: Failed Cloudflare Inspector Count
- Roar Inspector Knowbe4 Inspector List
- Roar Inspector: Failed Knowbe4 Inspector Count
- Roar Inspector Google Drive List
- Roar Inspector: Failed Google Drive Inspector Count
- Roar Inspector Datto Networking Inspector List
- Roar Inspector: Failed Datto Networking Inspector Count
- Roar Inspector Cisco SBS Inspector List
- Roar Inspector: Failed Cisco SBS Inspector Count
- Roar Inspector Solarwinds Backup Inspector List
- Roar Inspector: Failed Solarwinds Backup Inspector Count
- Roar Inspector Veeam SPC Inspector List
- Roar Inspector: Failed Veeam SPC Inspector Count
- Roar Inspector Datto RMM Inspector List
- Roar Inspector: Failed Datto RMM Inspector Count
- Roar Inspector Ninja RMM Inspector List
- Roar Inspector: Failed Ninja RMM Inspector Count
- Roar Inspector Solarwinds N Central Inspector List
- Roar Inspector: Failed Solarwinds N Central Inspector Count
- Roar Inspector Sentinelone Inspector List
- Roar Inspector: Failed Sentinelone Inspector Count
- Roar Inspector ESET Inspector List
- Roar Inspector: Failed ESET Inspector Count
- Roar Inspector Jumpcloud Inspector List
- Roar Inspector: Failed Jumpcloud Inspector Coun
- Roar Inspector Slack Inspector List
- Roar Inspector: Failed Slack Inspector Count
- Roar Inspector Sophos Central Inspector List
- Roar Inspector: Failed Sophos Central Inspector Count
- Roar Inspector Synology NAS Inspector List
- Roar Inspector: Failed Synology NAS Inspector Count
- Roar Inspector Hp Procurve Inspector List
- Roar Inspector: Failed Hp Procurve Inspector Count
- Roar Inspector Auvik Inspector List
- Roar Inspector: Failed Auvik Inspector Count
- Roar Inspector Gsuite Inspector List
- Roar Inspector: Failed Gsuite Inspector Count
- Roar Inspector Continuum RMM Inspector List
- Roar Inspector: Failed Continuum RMM Inspector Count
- Roar Inspector Vmware Esxi Inspector List
- Roar Inspector: Failed Vmware Esxi Inspector Count
- Roar Inspector Vmware Vsphere Inspector List
- Roar Inspector: Failed Vmware Vsphere Inspector Count
- Roar Inspector Bitdefender Gravityzone Inspector List
- Roar Inspector: Failed Bitdefender Gravityzone Inspector Count
- Roar Inspector Linux Inspector List
- Roar Inspector: Failed Linux Inspector Count
- Roar Inspector Barracuda Firewall Inspector List
- Roar Inspector: Failed Barracuda Firewall Inspector Count
- Roar Inspector Addigy Inspector List
- Roar Inspector: Failed Addigy Inspector Count
- Roar Inspector Watchman Monitoring Inspector List
- Roar Inspector: Failed Watchman Monitoring Inspector Count
- Roar Inspector Palo Alto Inspector List
- Roar Inspector: Failed Palo Alto Inspector Count
- Roar Inspector Kaseya VSA Inspector List
- Roar Inspector: Failed Kaseya VSA Inspector Count
- Roar Inspector Duo Security Inspector List
- Roar Inspector: Failed Duo Security Inspector Count
- Roar Inspector Storagecraft Spx Inspector List
- Roar Inspector: Failed Storagecraft Spx Inspector Count
- Roar Inspector Autotask Inspector List
- Roar Inspector: Failed Autotask Inspector Count
- Roar Inspector Sophos SG Inspector List
- Roar Inspector: Failed Sophos SG Inspector Count
- Roar Inspector JunOS Inspector List
- Roar Inspector: Failed JunOS Inspector Count
- Roar Inspector Network Discovery Inspector List
- Roar Inspector: Failed Network Discovery Inspector Count
- Roar Inspector Ubiquiti Unifi Inspector List
- Roar Inspector: Failed Ubiquiti Unifi Inspector Count
- Roar Inspector Hyper-V Inspector List
- Roar Inspector: Failed Hyper-V Inspector Count
- Roar Inspector Datto Inspector List
- Roar Inspector: Failed Datto Inspector Count
- Roar Inspector Pfsense Inspector List
- Roar Inspector: Failed Pfsense Inspector Count
- Roar Inspector Connectwise Automate Inspector List
- Roar Inspector: Failed Connectwise Automate Inspector Count
- Roar Inspector Veeam Availability Console Inspector List
- Roar Inspector: Failed Veeam Availability Console Inspector Count
- Roar Inspector Dropbox Inspector List
- Roar Inspector: Failed Dropbox Inspector Count
- Roar Inspector Fortinet Fortigate Inspector List
- Roar Inspector: Failed Fortinet Fortigate Inspector Count
- Roar Inspector Cisco Umbrella Inspector List
- Roar Inspector: Failed Cisco Umbrella Inspector Count
- Roar Inspector Cisco IOS Inspector List
- Roar Inspector: Failed Cisco IOS Inspector Count
- Roar Inspector Watchguard Inspector List
- Roar Inspector: Failed Watchguard Inspector Count
- Roar Inspector Sophos XG Inspector List
- Roar Inspector: Failed Sophos XG Inspector Count
- Roar Inspector Onelogin Inspector List
- Roar Inspector: Failed Onelogin Inspector Count
- Roar Inspector Itglue Inspector List
- Roar Inspector: Failed Itglue Inspector Count
- Roar Inspector Windows Server Inspector List
- Roar Inspector: Failed Windows Server Inspector Count
- Roar Inspector Godaddy Inspector List
- Roar Inspector: Failed Godaddy Inspector Count
- Roar Inspector Cisco ASA Inspector List
- Roar Inspector: Failed Cisco ASA Inspector Count
- Roar Inspector Network Ip Inspector List
- Roar Inspector: Failed Network Ip Inspector Count
- Roar Inspector SSL Inspector List
- Roar Inspector: Failed SSL Inspector Count
- Roar Inspector Webroot Inspector List
- Roar Inspector: Failed Webroot Inspector Count
- Roar Inspector Box Inspector List
- Roar Inspector: Failed Box Inspector Count
- Roar Inspector Active Directory Inspector List
- Roar Inspector: Failed Active Directory Inspector Count
- Roar Inspector Azure Inspector List
- Roar Inspector: Failed Azure Inspector Count
- Roar Inspector SQL Server Inspector List
- Roar Inspector: Failed SQL Server Inspector Count
- Roar Inspector Connectwise Manage Inspector List
- Roar Inspector: Failed Connectwise Manage Inspector Count
- Roar Inspector Microsoft 365 Inspector List
- Roar Inspector: Failed Microsoft 365 Inspector Count
- Roar Inspector Sonicwall Inspector List
- Roar Inspector: Failed Sonicwall Inspector Count
- Roar Inspector Identity Monitoring Inspector List
- Roar Inspector: Failed Identity Monitoring Inspector Count
- Roar Inspector Cisco Meraki Inspector List
- Roar Inspector: Failed Cisco Meraki Inspector Count
- Roar Inspector Domain Inspector List
- Roar Inspector: Failed Domain Inspector Count
- Roar Inspector AWS Inspector List
- Roar Inspector: Failed AWS Inspector Count
SentinelOne
Summary
- Production Status: Production
- Description: A dedicated inspector for SentinelOne, a cloud based security and threat prevention platform that offers endpoint protection (EPP), endpoint detection and response (EDR), IoT security, and cloud workload protection (CWPP) in a centralized platform.
- Documentation
- Inspector Category: Cloud
- Discovers: SentinelOne
Data Views Information
Child Overview Data Table
- Site Name
- Site ID
- Default?
- System Health Status
- Unresolved Threats
- Threats Not Mitigated
- Infected Endpoints
- Total Endpoints
- Total Users
- Total Groups
- Total Policies
- User API Tokens Exiring Within 14 Days
- Account Name
- Site Name
- Total Licenses
- Active Licenses
- Site SKU
- Site State
- Days Until Expiration
Child Data Tab Headers
- Overview
- Users
- Groups
- Threats
- Endpoints
- Policies
- Controls
- Activity
Actionable Alerts
- SentinelOne | Less Than 30 Days Until License Expiration
- SentinelOne | Users With API Tokens Changed
- SentinelOne | Systems With Active Threats
- SentinelOne | Less Than 14 Days Until Expiration of One or More User API Tokens
Metrics
- SentinelOne: Users Without MFA Enabled List
- SentinelOne: Users With API Tokens List
- SentinelOne: Systems With Active Threats List
- SentinelOne: Days Until License Expiry Count
- SentinelOne: Days Until API Token Expires
Slack
Summary
- Production Status: Production
- Description: Inspects a Slack workspace.
- Documentation
- Inspector Category: Cloud
- Discovers: N/A
Data Views Information
Overview Data Table
- Team Name
- Domain
- Email Domain
- Primary Owner
- Total Active Users
- Total Admin Users
- Admin Users
- Total Deactivated Users
- Total Users Enrolled in 2-Step Verification
- Users Not Enrolled in 2-Step Verification
- Total Billable Users
- Billable Users
Data Tab Headers
- Overview
- Users
- Public Channels
- Shared Channels
- Archived Channels
Actionable Alerts
- Slack | Privileged User Added/Removed
- Slack | Users without 2FA Enabled Exist
Metrics
- Slack: Admin Users Count
- Slack: Slack: Admin Users List
- Slack: Users with 2FA Enabled Count
- Slack: Users without 2FA Enabled Count
- Slack: Users without 2FA Enabled List
- Slack: Channels Count
- Slack: Public Channels Count
- Slack: Externally Shared Channels Count
- Slack: Externally Shared Channels List
- Slack: Archived Channels Count
- Slack: Archived Channels List
SonicWall Capture Client
Summary
- Production Status: Production
- Description: Inspects a SonicWall Capture Client account instance configuration .
- Documentation
- Inspector Category: Cloud
- Discovers: Child SonicWall Capture Client Inspectors
Data Views Information
Overview Data Table
- Tenant Name
- Tenant ID
- Notification Settings
Administrators
- Name
- Role
- Scope
- Days since last login
Policies
- Client Policies
- Policy Name
- Policy ID
- Assigned To
- Scope
- Inherited Status
- Enforced Status
- Agent Policies
- Policy Name
- Policy ID
- Assigned To
- Enforced
- Policy Type
- Scope
- Inherited
- Policy Last Update
Groups
- Device Groups
- Group Name
- Group ID
- Assign Mode
- Kind
- Group Type
- Devices
- User Groups
- Group Name Group ID
- Assign Mode
- Kind
- Group type
- Users
Endpoints
- Devices
- Device Name
- Device ID
- Online Status
- Client State
- Operating System
- Client Version
- Last User
- Last Active
- S1 Agent Active
- Domain
TLS/SSL
Summary
- Production Status: Production
- Description: Inspects a TLS / SSL security certificate, returning a wide variety of data including known security issues (e.g., due to weak ciphers,) issuer, expiration data, and more.
- Documentation
- Inspector Category: Cloud
- Discovers: N/A
Data Views Information
Overview Data Table
- Common Name
- IP Address
- Alternative Names
- SHA1 Fingerprint
- SHA256 Fingerprint
- HTTP Public Key Pinning (HPKP)
- Country or Region
- Organization
- Common Name
- AIA URI
- Serial Number
- Version
- Signature Algorithm
- Not Valid Before
- Not Valid After
- Days Until Expiration
- OCSP URI
- URL Redirects To
- Algorithm
- Key Size
- Subject Matches Hostname
- TLS 1.3
- TLS 1.2
- TLS 1.1
- TLS 1.0
- Details about Extensions: OID, Name, Critical
Data Tab Headers
- Overview
Actionable Alerts
- TLS/SSL | Certificate Expiration
- TLS/SSL | Weak Protocol Supported
- TLS/SSL | Serious Exposure to SSL Forgery / Interception
- TLS/SSL | Web Traffic Exposure to Sniffing and Lack of Website Validation
- TLS/SSL | Auto-Renewing Certificate Expiration
Metrics
- TLS/SSL: Days Until Certificate Expiration
- TLS/SSL: Certificate Issuer
- TLS/SSL: Alternative Cert Names
- TLS/SSL: SystemInfo
- TLS/SSL: Certificate Expiration Date
- TLS/SSL: Certificate Expiration
- TLS/SSL: Supported Protocols List
- TLS/SSL: Certificate Has SHA1 in Chain
- TLS/SSL: Certificate Exists
Updated about 1 month ago