ObserveIT Coverage of PCI Compliance Requirements
If you need to demonstrate compliance with PCI specifications, ObserveIT gives you thorough and flexible coverage.
| PCI Requirement | ObserveIT Coverage |
|---|---|
| 10.1 Establish a process for linking all access to system components (especially access done with administrative privileges such as root) to each individual user. | ObserveIT is software that records all human activity on monitored servers, either visually or through metadata. Visual recordings can be replayed, and the recorded data shows exactly what was performed on the monitored servers, who did it, and which applications were accessed. ObserveIT captures not only screenshots, but also an abundance of information about what is seen on the screen, the user performing the action, the remote computer's name and IP, date, time, application executable name, window title and more. All this information is stored, alongside the screenshots, inside a SQL database, allowing very flexible searching capabilities and enterprise-scale management. ObserveIT is easy to configure, allowing flexible administration based on the organization's needs. |
| 10.2 Implement automated audit trails for all system components to reconstruct the following events:<br>10.2.2 All actions taken by any individual with root or administrative privileges<br>10.2.3 Access to all audit trails<br>10.2.7 Creation and deletion of system-level objects. | ObserveIT constantly monitors and records all user activity. The recorded activity includes all user actions, applications, system configuration, registry changes or any other user-initiated action performed by any user from the point they log on to the monitored computer to the point they log off. Because ObserveIT records at the operating system level, it is agnostic to the protocol used for the connection. Therefore, the method of connectivity can be local interactive logon, Remote Desktop, Terminal Server, Citrix, VNC, NetOp, Dameware or any other remote connection mechanism. |
| 10.3 Record at least the following audit trail entries for all system components for each event:<br>10.3.1 User identification<br>10.3.2 Type of event<br>10.3.3 Date and time<br>10.3.4 Success or failure indication<br>10.3.5 Origination of event<br>10.3.6 Identity or name of affected data, system component, or resource. | ObserveIT integrates with LDAP services such as Microsoft Active Directory in order to provide an integrated Identification Service. By using this feature, it is possible to identify exactly who performed the action or used an application on a server, even if the user name used for the Windows logon process was a generic user such as "Administrator". When ObserveIT's Identification Services are enabled, users logging on to the monitored computers are required to provide secondary logon information that is used to clearly identify them. ObserveIT visually records all user-initiated actions and accessed applications. It also records additional metadata about what is seen in each screenshot, such as the time, date, server name, user session, user name, action performed by the user, file name and path, browser URL, registry path, application window title and executable name and more. This metadata is stored alongside the recorded screenshots in a central and secured SQL database, making it possible to perform complex searches that span the entire organization. |
| 10.4 Synchronize all critical system clocks and times. | ObserveIT records a timestamp on each screenshot, and integrates it with the associated metadata, which also contains information about the date and time of each snapshot. This allows for 100% correlation between the replayed sessions and the presented metadata. |
| 10.5 Secure audit trails so they cannot be altered. | ObserveIT stores the screenshots and associated metadata as individual records inside a SQL database. These records are protected by digital signature, and cannot be altered or deleted. Access to these records is allowed only to users who are defined as administrators or view-only administrators for ObserveIT, and is restricted to viewing the recordings. |
| 10.5.1 Limit viewing of audit trails to those with a job-related need. | ObserveIT has a built-in mechanism for auditing any access to the stored recordings. Anytime an ObserveIT administrator or view-only administrator views a recorded session, a matching audit event is logged. This eliminates the need for a 3rd-party auditing system. |
| 10.5.2 Protect audit trail files from unauthorized modifications. | ObserveIT's built-in audit mechanism is read-only. Because all the recorded sessions, attached metadata, and audit records are stored in a central and protected SQL database, these records cannot be tampered with. |
| 10.6 Review logs for all system components at least daily. | ObserveIT has built-in reporting functionality that enables administrators to receive daily, weekly or monthly e-mail reports containing information on the user activity and applications that were accessed on monitored servers. Furthermore, ObserveIT can generate textual log files containing information about user activity and accessed applications, which can be parsed by most 3rd-party monitoring and management tools such as Microsoft Operations Manager, System Center Operations Manager 2007, HP OpenView, CA-Unicenter and more. These applications can then be configured to generate events and alerts whenever a specific condition occurs. |
| 10.7 Retain audit trail history for at least one year, with a minimum of three months online availability. | ObserveIT's recorded sessions, attached metadata, and audit records are stored in a central and protected SQL database, where they are retained indefinitely. |





