User Session Auditor:
Features for Auditing remote access

Key Features

Versions and Pricing
ObserveIT Xpress
Free, with no time-out.
Limited config & features.
Free Download
ObserveIT Enterprise
15-day trial for POC.
All enterprise features.
Download Trial
Get Prices
What's right for you?
Comparison Table
Auditing user sessions on Windows

Record and Replay Windows Sessions

  • Exact video playback of every Windows session
  • Includes mouse movements, UI interaction and text entry
  • Fast navigation, using DVD-like controls
Learn more about Windows session recording
Auditing user sessions on Unix

Record and Replay Unix/Linux Sessions

  • Exact video playback of every Unix and Linux session
  • Includes command line interaction, text entry and underlying system calls
  • Fast navigation, using DVD-like controls
Learn more about SSH session recording
Capturing application data for user audits

Video Content Analysis Logs

  • Captures details about each user action
  • Application name, User name, Server, Window title, File or Resource
  • Accessed, underlying system calls
  • Interactive drilldown
  • No need to replay hours of video to find what you need:
Learn more about Video Content Analysis
Auditing user sessions on Windows

Generate Logs for Apps with No Logs

  • Detailed log for every app, even those that have no internal logs
  • Cloud apps (ex: salesforce.com), legacy apps (ex: customized accounting), commercial apps (ex: Excel, SQL query tools)
  • Logs shows actual user action (files opened, screens viewed) instead of obscure technical details of system event log
Learn more about Log Generation
Auditing user sessions on Windows

SIEM Integration

  • Display user activity text logs within SIEM reports and dashboards
  • Launch video replay of user action from within any SIEM
  • Correlate ObserveIT video replay with any other log data for on-the-spot audit clarifications
  • Open standards for data integration, plus native integration connector available for Splunk, Arcsight, RSA enVision and CA UARM
Learn more about SIEM integration
Auditing user sessions on Windows

Privileged Identity Management

  • Require shared-id users (ex: "administrator") to add secondary login credentials
  • Adds an additional level of system access control for sensitive resources
  • Manage users locally or tie in to Active Directory or CA PUPM user management
  • Eliminates the shroud of secrecy associated with generic id's
Learn more about Privileged Identity Management
Ddatabase Archiving

Database Management

  • Selectively archive video recording data
  • One-click access archive data
  • Flexible storage options via SQL database or file system
Learn more about Database Management
Session Privacy

4-Eyes Session Privacy Dual Password

  • Specify a second password (not managed by the ObserveIT administrator) that is required to replay video
  • Ensure audit completeness as well as employee privacy
  • In the most typical usage, Management (via ObserveIT Administrator) holds the main ObserveIT password, and a union rep or legal council holds the second password
  • Satisfy the most stringent privacy protection regulations, including BDSG (Germany), CNIL (France), DPD 95/46/EC (EU), Human Rights Act (UK)
Learn more about Session Privacy
Interacting with users

User Messaging

  • Send policy and status updates to each user exactly as they log in to server
  • Ensure that corporate standards are understood and acknowledged
  • Capture admin support ticket number for issue tracking
Recording user sessions for RDP, Citrix, SSH

Real-time Playback

  • Sessions recordings are immediately available once session begins
  • View session activity "on the air", while users are still active
Customizing session recording with API

Agent API Interface

  • Control the ObserveIT Agent via scripting and custom DLLs from within your corporate applications
  • Start, stop, pause and resume recorded sessions based on custom event triggers
  • Trigger activity based on process IDs, process names or web URLs
Audit reporting for user sessions

Report Generator

  • Create your own custom reports
  • Schedule reports to run automatically for email delivery
  • Export Excel or XML data
Recording RDP, SSH, Terminal Services, Citrix and more

Complete coverage

  • Agnostic to network protocol and client application
  • Captures all remote sessions and also console sessions
  • Supports SSH, Telnet, Terminal Services, Citrix, Remote Desktop, PC-Anywhere, VMware, VNC, Dameware and more
User auditing and system monitors

System Monitor Integration

  • Instant replay from within network management (SCOM, Unicenter, Tivoli, OpenView and more)
  • Real-time alerts on any user action (file access, network share, registry edit, URL access)
Secure user session recording

Robust Security

  • Agent-Server encryption
  • Digital Signatures
  • Watchdog mechanism
Learn more about ObserveIT Security
Policy rules for user session auditing

Event-Driven Rules

  • Granular policy rules per server, user or user group
  • Determine include/exclude of recording and metadata capture
  • Specify stealth mode and user identification requirements
user permissions in session recording

Pervasive User Permissions

  • Granular permissions / access control
  • Permission-based filtering affects all content access (reports, search results, etc.)
  • Satisfies regulatory requirements
user session recording performance

Small Footprint

  • Ultra-efficient data storage: Less than 250GB/year for high-usage, 1000 server environment
  • Minimal Agent CPU utilization: 0% CPU when no console active, 1%-2% CPU, 10 MB RAM during session
close