We want to make sure you are aware of any sensors that have been offline for any period of time.
Red Canary offers several ways to monitor endpoints in your environment:
- On demand email when servers are offline for more than an hour
- Daily/weekly email including workstations that are offline
- On demand Endpoint Inbox in your Red Canary portal
Using the Endpoint Inbox to understand your endpoint visibility
The Endpoint Inbox is found by clicking More > Endpoint Inbox menu. This view highlights several key classes of endpoints that require your attention:
Unmonitored servers are any server class endpoint that has been offline for more than 1 hour and has not come back online.
Workstations unmonitored more than a week
Any workstation class endpoint that has been offline for more than 7 days.
Workstations unmonitored less than a week
Any workstation class endpoint that has been offline for less than 7 days. Common reasons workstations fall into this state include:
- a sensor being uninstalled or tampered with unknowingly
- a workstation is offline for the weekend or a vacation
Endpoints without data
Any endpoint that is struggling to efficiently send data to Red Canary. This typically requires attention to the endpoint to ensure the sensor is operating properly.