Skip to main content

Getting started

Configuration requirements

Before configuring session monitoring options, you should:

  1. Set up Managed Systems and Managed System Policies .

    If you want users’ requests for searching recorded session data to be authorized, assign authorizers to managed system policies.

  2. Configure Access Disclosure Plugins .

    The command prompt (pswxcmd ), remote desktop (pswxtsvc), secure browser (securebrowser), and all Guacamole controls are compatible with session monitoring.

  3. Configure user access rules to allow users to access recorded data related to their own or another users’ activity.

    The following privileges are available:

    • Manage recorded sessions. In order to have access to the Session monitor app, users must be granted this privilege. The Session monitor app allows users to submit requests to search, view and download recorded sessions. In addition, users can be granted the following:

      • Pre-approved search of my recorded sessions

      • Pre-approved search of all recorded sessions

      • Pre-approved download of recorded sessions

      • Pre-approved view of recorded sessions

  4. Optional: Configure additional access controls.

    • Pre-approved search recorded sessions

    • Pre-approved download recorded sessions

    • Pre-approved view of recorded sessions

It is recommended that you plan how you will implement session monitoring .

Navigation

To configure session monitoring options click Manage the system > Privileged access > Options to configure global options, or click Manage the system > Privileged access > Managed system policies > <Policy> > Options to configure policy-level options

To configure web module options click Manage the system > Modules > Session monitor for:

Initial configuration

As long as you have prepared your system to meet the requirements listed on on the current page, you can get started with testing the session monitoring feature by setting the following on the Recorded sessions tab:

  • SMON HTTP URL – The session monitor client connects using this fully qualified URL to the smonc CGI program on a Bravura Security Fabric server.

  • At least one of the following:

    • SMON KEYSTROKE ENABLE to capture keystrokes

    • SMON SCREENSHOT ENABLE to take periodic screenshots

    • SMON WEBCAM ENABLE to record webcam images

    • SMON UI ENABLE to capture user interface information

    • SMON CLIPBOARD ENABLE to capture clipboard data

The default SMON HTTP URL is <BASE IDSYNCH URL>/<virtualdirectory>/smonc.exe. The BASE IDSYNCH URL is set at Manage the system > Workflow > Email configuration .

The following sections describe these options and more in detail.

In this section: