System Events

System events are triggered by the ITM On-Prem (ObserveIT) system. Events might be triggered when users reach their database storage limits, when a user logs in or when a pairing request is made, or during the health check monitoring of the Agent, Notification Service, Application Server, or Web Console.

For example, when ITM On-Prem (ObserveIT) Identity Theft Detection is configured, administrators can verify that users are authorized to log in from the specified (client) computers and to the specified servers. After a user logs in to a server from the desktop, the ITM On-Prem (ObserveIT) administrator sends an email to the user confirming the login and event type. If identity theft is suspected, the user reports the suspicious login event to the administrator and a high severity alert is triggered.

ITM On-Prem (ObserveIT) administrators can view and manage system events from the Configuration page in the Web Console.

The System Events > System Health > System Events page displays a list of the currently defined system events, according to the specified severity and filter criteria.

In the System Events page, administrators can:

• Viewing System Events generated by the ITM On-Prem (ObserveIT) system and view related details including name, severity, and type

• Filter the events displayed per specified criteria

• Delete system events

• Add comments to events

• Defining the Remediation Status of Events

• Configure email notification policies for events to determine who gets notified by email, for which event types, and at what frequency

For descriptions of the event types, and some possible causes and solutions, see Event Types.