Monitoring and reporting¶
Afi SaaS backup provides a comprehensive set of features and tools for backup health monitoring and status reporting, including:
- Overview dashboard providing an eagle eye view for backup and protection statuses;
- Activity section with detailed task history and audit event log;
- Periodic account status reports sent to email, Slack, Microsoft Teams, or Google Chats;
- Licensing, ransomware, and system notifications;
- Ability to ingest audit events into a customer-provided SIEM solution;
- Public API for integration with third-party monitoring and analytics tools.
Afi cloud services are continuously monitored by the Afi team, ensuring that any backup, recovery, export, or discovery task issues are proactively investigated and resolved, alleviating the burden on administrators to closely monitor the service.
Overview dashboard¶
Afi Overview dashboard contains a set of widgets reflecting current protection status and recent backup history:
- Protection status widget shows an aggregate backup status for the recent 24 hours and how many of the available resources in a tenant have a backup policy (SLA) assigned. Please note that archived resources (for example, suspended users or resources deleted on a data provider side) are not included in protection statistics.
- Backup status widget contains per day backup/restore/export tasks history and health status for the recent 7 days.
- Data dynamics widget shows backup volume growth trend (how much data and how many emails/files/contacts/calendars are backed up) for the recent 7 days.
- Activity widget shows the 10 most recent backup/restore/export tasks together with their statuses.
Activity¶
The Activity screen includes the following tabs, featuring per-tenant tasks history as well as per-tenant and organization-wide audit event logs:
- Tasks tab, containing tasks (backup/export/restore/delete) history for a tenant;
- Audit tab (per-tenant), containing audit events related to data access (including backup browse, export, and restore events) and tenant configuration changes;
- Admin tab, containing audit events related to organization and billing management.
The system keeps task history for 30 days and audit events for 3 years. Both tasks and audit events for a specific period can be downloaded in CSV format.
Tasks¶
The Tasks tab shows a time-ordered list of backup/restore/export/discovery/delete tasks and contains several filters that simplify searching for specific activities (for example, in-progress restore or failed backup operations).
The screenshot below shows how to check for failed tasks inside the specified period of time:
Audit¶
The Audit tab shows a time-ordered list of security-sensitive user and system events, including data access (browse/search/restore/export/delete), configuration changes, organization and billing management events. All audit events contain details about the operation performed, in particular, a list of selected files/folders/labels in case of an export or recovery operation. One can view audit event details by clicking on the corresponding line in the table.
Periodic status reports¶
For monitoring purposes, Afi account administrators can enable periodic status reports sent to email, Slack, Teams, or Google Chats notification channels. Supported report frequencies are:
- daily (sent each day at 00:00 UTC);
- weekly (sent each Monday at 00:00 UTC);
- monthly (sent on the 1st day of a month).
Email¶
You can configure status reports to be sent to one or more email addresses and check the configuration by clicking on the Test button to send a test report. Please note that it may take up to 1-2 minutes for a test report to be delivered. If you haven't received a test report in a few minutes, please check the spam folder in your mailbox.
Slack¶
To enable Slack reports, please create a Slack channel for Afi reports, configure a Slack application with an incoming webhook as described here and add the webhook URL to the Afi report configuration.
Correct Slack webhook URL should look like this:
Teams¶
To enable Teams reports, please create a Team channel for Afi reports, configure a workflow with an incoming webhook as described here, and add the webhook URL to the Afi report configuration.
Warning
Microsoft is deprecating Office 365 connectors for Teams, so if your existing Afi reports or SIEM configuration relies on legacy Team channel connectors, you will need to recreate your Afi notification channels to use workflow webhook URLs instead of connector ones.
A correct Teams webhook URL should look like this:
https://prod-00.westus.logic.azure.com:443/workflows/00000000f8344fc4a9a7212400000000/triggers/manual/paths/invoke?api-version=2016-06-01&sp=%2Ftriggers%2Fmanual%2Frun&sv=1.0&sig=_WbqhC94eeSabLBe0QKcBBiTT9Muyrl9Hq5ct79W3OA
Google Chats¶
To enable Google Chats reports, please create a Google Space for Afi reports, configure an incoming webhook as described here, and add the webhook URL to the Afi report configuration.
A correct Google Chats webhook URL should look like this:
https://chat.googleapis.com/v1/spaces/AAAAgRAMxxx/messages?key=AIzaSyDdI0hCZtE6vySxxx-WEfRq3CPzqKqqxxx&token=EAXOdU9BsGHiH7aI253egQLMbxxx-T1VCkyzfJ-q5Oc
Notifications¶
Afi allows to configure notification groups on the Configuration → Notifications tab to receive email notifications for certain kinds of events, grouped by event kind (licensing, ransomware, and system notifications).
Public API for reporting¶
You can use Afi Public API to build custom integrations with the Afi service, for example, a monitoring application to periodically query backup and billing stats. You can learn more about the Afi API in the following guide.