Monitoring Sensors and Decryptors

You can monitor the status of your Sensors and Decryptors on the sensors and decryptors pages respectively. The figure below depicts the layout of the sensors page showing one active sensor:

Active Sensors


Active Decryptors


Both screens allow you to set the ‘sensitivity threshold’ for determining whether a sensor or a decryptor is ‘active’. Active states are define by the time since a sensor/decryptor last ‘phoned home’. The two figures below show how the same sensor is considered inactive with a threshold set to 6 hours and active when the threshold is set to 1 day.

Sensor active during the past 24 hours


Sensor inactive in the past six hours


Projects and Key Depots

Projects are groupings of mirroring work-flows. An agent can belong to only one project at a time. Projects allow you to easily manage deployments as they grow. You can add/remove/select projects from the ‘Project’ option in the main menu.


You can modify or delete any element by clicking an element and selecting an option from the pop-up menu:

  1. Source Groups:
  1. Destinations:
  1. Connections:

Set up a Private Key Depot

A private key depot is automatically configured for each of your projects in a DynammoDB table hosted by Nubeva.



Nubeva TLS supports AWS, Azure and GCP. The key database is a DynamoDB table in AWS.

The project properties dialog indicates which DynamoDB table is being used. The figure shows that the table is in Nubeva’s account. To replace the default table with a table in your own account, click the Create Private Key Depot button.

This step is not required for POC but recommended when you go to production.


Select the region and click Launch DB. This will launch a Cloud Formation template. The template creates IAM resources for writing and reading from the Key Depot. Acknowledge that you allow these roles to be created:


When the template is done select the Outputs tab and click the URL in the field SendtoNubeva:


This operation navigates back to the home page of your current project and registers the encrypted credentials.


If you delete the private Key Depot, you can always create another. If you delete a private Key Depot and do not create another, then sensors will no longer extract session keys.