ThreatLocker Inspector Summary

Summary
| Property | Value |
|---|---|
| Production Status | Beta |
| Category | Apps & Services |
| Discovers | ThreatLocker Child Inspectors (one per Organization) |
Description
The ThreatLocker Inspector enables you to automatically collect endpoint security and policy data from the ThreatLocker Portal API. The inspector authenticates to your MSP portal, automatically discovers each managed organization, and creates one Liongard Environment per organization for cross-tenant visibility and reporting.
The inspector collects data for:
- Allowlisting
- Elevation
- Storage Control
- Network Control
- Configuration Manager
- Detect Policies
- Users
Data View Information
Parent Overview Table
The Parent Inspector provides an MSP-wide view of your ThreatLocker environment, including:
- MSP Summary
- Child Organizations
- Total Endpoints Across MSP
- Users
Parent Data Tab Headers
- MSP Overview
- Organizations
- MSP Users
Child Overview Data Table
Organization Overview
- Organization Name
- Organization ID
- Modules Included
- Onboarded
- Billing Model
- License Method
- Total Computers Installed
- Total Computers Secured
- Device Security Coverage (%)
- Stale Computers (no check-in in 7 days)
- Denied Actions (1d)
- Denied Actions (3d)
- Denied Actions (7d)
- Computer Groups
- Mobile Devices
- Application Policies
- Local Admin Users
- Local Admin Policies
- Network Policies
- Storage Policies
- Configuration Manager Policies
- Detect Policies
- Users
Child Data Tab Headers
- Overview
- Computers
- Computer Groups
- Mobile Devices
- Application Policies
- Local Admin Users
- Local Admin Policies
- Network Policies
- Storage Policies
- Configuration Manager
- Detect Policies
- Users
Metrics
- ThreatLocker: Child Organization Count
- ThreatLocker: MSP Total Endpoints
- ThreatLocker: Total Computers Installed
- ThreatLocker: Total Computers Secured
- ThreatLocker: Device Security Coverage (%)
- ThreatLocker: Stale Computers (>7d)
- ThreatLocker: Denied Activity - Last 1 Day
- ThreatLocker: Denied Activity - Last 3 Days
- ThreatLocker: Denied Activity - Last 7 Days
- ThreatLocker: Computer Groups Count
- ThreatLocker: Mobile Device Count
- ThreatLocker: Geolocation Enabled Devices
- ThreatLocker: Active Application Policies
- ThreatLocker: Inactive Application Policies
- ThreatLocker: Active Network Policies
- ThreatLocker: Active Storage Policies
- ThreatLocker: Configuration Manager Policy Count
- ThreatLocker: Active Detect Policies
- ThreatLocker: Users Without MFA
- ThreatLocker: Users With Stale Passwords (>90d)
- ThreatLocker: Users With No Recent Login (>30d)
Actionable Alerts
- TBD
Updated about 2 hours ago
Did this page help you?

