You will need to install a component we call the Beacon on the server where your web application is hosted. The beacon will monitor your web application and report suspicious activities back to Iogly. Iogly will then notify you via the configured notification channels in real time. That way you will know about an issue the second the incident occurred.
All your data remains on your server. In case of an incident only data related to the incident will be submitted to the Iogly server. In that case we make sure to transfer as little data as possible.
The beacon is a very lightweight component. In a regular environment the performance impact of the beacon should not be noticeable.
The beacon will run completely independent from your web application and will not affect its operation at all. In most cases the beacon will run as a dedicated user and therefore only share the most essential permissions with your web application (read-only access).
You will need to set the beacon to deploy mode during a deployment. You can do this manually in the admin interface or tie it into your CI process with an API call.
The beacon will run on 32- or 64-bit Linux systems. Ideally you will need to have root access to install the beacon but it's possible to run the beacon as a regular user. Refer to the beacon installation manual for details.
While the Iogly monitoring happens in real time we don't report all the changes in real time. The reason for that is that we group changes that happen within a certain time frame into sets. We handle this this way to prevent a flood of messages hitting your inbox in case there is a larger set of changes made to your system.