Role Availability | Read-Only | Investigator | Analyst | Manager |
USM Anywhere provides a simple way to enable scheduled user scans for user behavior analytics (UBA). Your USM Anywhere instance includes preconfigured scans for each of the user sources UBA supports.
User Behavior Analysis Standard Jobs
To open the Job Scheduler page, go to Settings > Scheduler and, in the left navigation panel, click User Scans.
There are several apps in USM Anywhere that support the creation of scheduled jobs for user behavior monitoring.
If you have a deployed AWS Sensor, the AWS Sensor app provides support for the predefined user discovery jobs that USM Anywhere uses to monitor AWS Identity and Access Management (IAM) activity. You can also use the app to define custom jobs.
The AWS user discovery job is enabled by default and runs every 20 minutes to collect AWS users.
If you have a deployed Microsoft Azure Sensor, the Azure Sensor app provides support for the predefined Azure Active Directory (AD) user discovery jobs that USM Anywhere uses to monitor your Azure AD users, either as an actor in the Azure cloud or as an identity provider. You can also use the app to define custom jobs.
The Azure user discovery job is enabled by default and runs every 20 minutes to collect Azure AD users. See Azure Log Discovery and Collection in USM Anywhere for more information about jobs for the Azure Sensor app.
You can verify that your app is properly configured to collect user data by viewing the app status. Go to Data Sources > Sensors to open the sensors main page, click a sensor to open its detail, and click the App Status tab.
If you are using Microsoft Active Directory (AD), a directory service that Microsoft developed for Windows domain networks, to authenticate users in your environment, the Azure AD Sensor app provides support for the predefined user discovery job that scans for both assets and users authenticated via Microsoft Active Directory. Go to Data Sources > Sensors to open the sensors main page, click the sensor to open its details, and click the Active Directory tab.
You can execute a new Microsoft Active Directory scan either from the Getting Started Wizard during your sensor's deployment, or at any time from the sensor details page. In addition, you can schedule a custom job to collect users regularly.
See Scheduling Active Directory Scans from the Job Scheduler Page for more information about jobs for this app.
If you are using Okta in your environment to authenticate users, the Okta Sensor app provides support for the predefined user discovery job that scans for users authenticated via Okta.
You can confirm your Okta app is configured to collect user data by checking the app. Go to Data Sources > AlienApps > Available Apps, search for Okta, and then click the tile. See BlueApp for Okta for more information.
If you are using Microsoft Office 365 in your environment to authenticate users, the Office 365 Sensor app provides support for the predefined user discovery job that scans for users authenticated via Office 365.
You can confirm your Office 365 app is configured to collect user data by checking the app status. Go to Data Sources > AlienApps > Available Apps, search for Office 365, and then click the tile. See BlueApp for Office 365 for more information.
If you are using Google G Suite in your environment to authenticate users and would like to set up a scheduled job to discover them, you must create a new job for that purpose.
Note: Because of the nature of Google G Suite scans, no preconfigured scan is available for G Suite users.
To configure a scheduled job to discover G Suite users, use the following values:
- Name: An identifying name for the new job
- Description: A description of the new job
- Action Type: G Suite
- App Action: Find G Suite users
- Domain: The domain this job will scan
- Schedule: The frequency with which this scan job will run (most scan jobs run every 20 minutes)
See USM Anywhere Scheduler for detailed instructions on how to create new scheduled jobs.
If you are using Google Cloud Platform (GCP) in your environment to authenticate users, the GCP Sensor app provides support for the predefined user discovery job that scans for users authenticated via GCP.
Important: You must have a privileged GCP user account for your user discovery jobs to run successfully.