Product Architecture and Components

Architecture and Components

ObserveIT is a software-based user activity monitoring and internal risk identification platform with no fixed hardware components. Software Agents running on Windows, Mac, or Unix/Linux gateways, servers or desktops capture user activity data and send it to an ObserveIT Application Server. The Application Server sends the relevant user activity log and screen video data to a Database Server for storage. All captured user activity data can be searched for, reported on, configured for alerts, and integrated with SIEM systems. Administrators manage the system and access user activity logs, screen video, reports and other features using the ObserveIT Web Console, which is served by the Application Server.

These are the components of the ObserveIT software application:

Each of the three server applications can be installed on a single platform or multiple platforms.

The flow of activity and communication between the components is as follows:

  1. Each monitored desktop or server runs the ObserveIT Agent which is installed locally on the computer.

  2. The Agent captures information about user activity, secures it, and sends it to the Application Server.

  3. If there is more than one Application Server, they should be load balanced by using either a software or hardware-based device. In that case the Agents will communicate with the load balancer’s virtual IP (VIP).

  4. The Application Server analyzes and compresses received data, then it stores it by splitting the textual data in the SQL Server database, and graphic images on the file share.

  5. An administrator can connect to the Web Console Web-based interface using a web browser, and search for, replay, run reports and inspect alerts based on the captured user activity.

  6. Any component of the data transfer or data storage process can be encrypted, if needed.

ObserveIT Architecture

The diagram illustrates the product architecture and flow of communication between the components.

For details about and diagrams of the product architecture for the different size deployments, please refer to the “ObserveIT Hardware and Software Prerequisites and Recommendations” document which can be obtained by contacting ObserveIT’s Professional Services team at

version 7.9.1