Skip to main content

Continuous Monitoring

Continuous Monitoring regularly checks the most recent scan of an application for new violations. Use this feature to send alerts when new violations have been discovered on existing application scans.

Enabling continuous monitoring requires first setting the stage that it should be run against and the notifications to send when a new policy violation occurs. Not setting a notification will still result in the violations being discovered, however they will not be known until someone consults the reports or dashboard.

Continuous Monitoring configuration uses inheritance and overrides when setting the stage it runs and notifications. The configuration may be set at any level though we recommend setting at the root organization.

Turning On Continuous Monitoring

The Edit IQ elements permission is required for the organization/application for which continuous monitoring is configured.

  1. Select the organization or application to monitor.

  2. Click the Continuous Monitoring button or scroll down to the Continuous Monitoring section.

  3. You should see the option Do Not Monitor or Inherit from [Parent] (Do not monitor). Click the chevron.

  4. Select a stage to monitor, from the list and then click Update.

100139849.png

Setting continuous monitoring notifications

Configure notifications for continuous monitoring at the policy level to identify the recipients when a new policy violation is triggered.

  1. On the left sidebar, click Orgs and Policies.

  2. Select the organization or application you want to monitor.

  3. Click on an existing policy. If the policy is grayed out, that means that policy is being inherited from the organization or root organization and can't be altered at this level. Move one step up the hierarchy and click on the policy. If it's still grayed out, move another step up the hierarchy.

  4. Click the Notifications button or scroll to the Notifications section.

  5. Select the recipient type. You can mix and match multiple recipients across all three types.

    1. If the recipient type is Emails, specify the exact email address.

    2. If the recipient type is Role, select the role. All users assigned this role will receive a notification email.

    3. If the recipient type is Webhook, select an existing Webhook from the list. See Lifecycle Webhooks to learn more.

  6. For each notification recipient, check the Continuous Monitoring box.

Turning off Continuous Monitoring

  1. Navigate to the organization or application

  2. Navigate to the Continuous Monitoring section

  3. Select Do Not Monitor and Update

Scheduling Continuous Monitoring

Continuous Monitoring starts at 12:00 midnight of the hosting system. You can change the start time for through the Configuration REST API

Manually triggering the continuous monitoring task

The continuous monitoring task may be manually triggered using the Operational Menu. In general, this is not recommended nor needed as the task will run automatically during other maintenance tasks.

Instructions are included in the Operational Menu documentation