Elevate24 Reporting

Elevate24 includes comprehensive reporting capabilities designed to give Mac administrators visibility into privileged access events and help meet security and compliance requirements. Reporting is split into two core areas: application-level reporting and security monitoring reporting. These two methods ensure that both user-driven elevation activity and policy-based enforcement events are captured, logged, and available for analysis.

There are two primary ways to consume reporting data from Elevate24:

• The Jigsaw24 Portal, which provides a centralised view of activity across your fleet
• A SIEM platform such as Microsoft Sentinel or Splunk, for deeper integration into your security operations workflows

Both consumption methods require a premium Elevate24 license. For security and privacy reasons, all reporting data is sent directly from the device — there are no cloud-based agents or collectors involved in generating or forwarding telemetry. This ensures data is only shared when explicitly configured and routed through trusted, administrator-controlled channels.

Whether you're viewing reports in the Jigsaw24 Portal or forwarding logs to your SIEM, the data follows structured schemas for consistency and ease of use. This flexibility supports both operational oversight and enterprise-grade security monitoring in environments where auditability and control are essential.