# Overview

**Monitors** in Sprinto are automated or manual checks that ensure your organisation is compliant with regulatory and security requirements. They validate configurations, usage behaviours, and infrastructure states across connected systems like AWS, Azure, Google Workspace, GitHub, and more.

Each monitor represents a specific control requirement (e.g., “Ensure MFA is enabled for root accounts”) and provides guidance on how to achieve and maintain compliance.

***

### How it Works

When you integrate a service or define a workflow in Sprinto, relevant monitors are auto-generated based on your compliance framework. Each monitor:

* Is evaluated on a periodic basis.
* Shows a real-time status: **Passing**, **Failing**, **Not configured**, or **Evidence required**.
* Can be resolved either automatically (via integration) or manually (via evidence upload).

***

### Types of Monitors

<table><thead><tr><th width="131.6328125">Monitor Type</th><th>Description</th></tr></thead><tbody><tr><td><strong>Automated</strong></td><td>Sprinto checks integration data periodically to assess compliance status.</td></tr><tr><td><strong>Manual</strong></td><td>Requires you to upload evidence (e.g., screenshots, logs) to complete the check.</td></tr><tr><td><strong>Dr. Sprinto</strong></td><td>A Sprinto agent running on endpoints to verify device-level configurations.</td></tr><tr><td><strong>Decisioning</strong></td><td>Monitors that require human review, such as approving or rejecting user access.</td></tr></tbody></table>

***

### What You Can Monitor

Sprinto provides coverage across various categories:

* **Authentication & Access** – For example, MFA status, login protection, inactive users
* **Cloud Infrastructure** – For example, CPU, memory, database usage, connections
* **Encryption & Backup** – For example, key management, EBS/DynamoDB encryption, backup configurations
* **Audit & Logging** – For example, VPC/NSG flow logs, CloudTrail, server access logs
* **Workflow Checks** – For example, disaster recovery plans, password policy enforcement
* **Device & Endpoint Monitoring** – via Dr. Sprinto

***

### Monitor States

<table><thead><tr><th width="180.14453125">Status</th><th width="432.5390625">Meaning</th></tr></thead><tbody><tr><td><strong>Passing</strong></td><td>The check passed and no action is needed.</td></tr><tr><td><strong>Failing</strong></td><td>The check has failed and must be resolved.</td></tr><tr><td><strong>Not configured</strong></td><td>Required services are not integrated or data is missing.</td></tr><tr><td><strong>Evidence required</strong></td><td>Awaiting evidence upload for manual monitors.</td></tr></tbody></table>

***

### Common Actions

* **Fix failing monitors** by following the remediation steps listed on the monitor card.
* **Upload evidence** for manual monitors where integration is not possible.
* **Assign decision makers** for user decisioning monitors.
* **Track history** of each monitor’s compliance status over time.
* **View monitor details** including frequency, rationale, and remediation guidance.

***

### Best Practices

* Integrate all supported services to maximise automated coverage.
* Periodically review manual evidence requirements and automate where possible.
* Use labels and filters in the dashboard to track critical or failing monitors.
* Assign monitors to relevant stakeholders to streamline resolution workflows.