Windows Agent Security

The Windows Agent is protected by a multi-layered “watchdog” mechanism that continuously monitors the recording Agent. If the Agent process is unexpectedly stopped, the watchdog immediately restarts it and reports the incident to the Application Server. If configured, the event is also reported to a SIEM system and/or an email address.

ObserveIT detects any Agent files or offline data that has been tampered with or has incurred data loss, and generates events which can be viewed in the Web Console and Administrator Dashboard. These events can also be sent to an email address and/or to an integrated SIEM system.