Workspace Monitor

Workspace Monitor is available from the main left navigation for admins with MANAGE_SETTINGS and users with the read-only VIEW_WORKSPACE_HEALTH permission. Read-only viewers can inspect health rows, diagnostics, history, malware reports, and exports, but remediation actions require workspace settings access.

The navigation item shows a pulsing red dot when a critical issue is active, an orange dot when warnings are active, and no dot when the workspace is healthy.

Use it to review active workspace health warnings, including blocked malware files, stale scanner signatures, unavailable attachment scanning, risky public upload settings, risky upload type policies, attachment scan queue backlog, exhausted scan retries, storage pressure, integration failures, and exhausted quota. Each warning shows severity, affected count when available, and when the issue was last seen.

Workspace Monitor can show warnings for billing and payment risk, workspace ownership and admin permissions, pending member approvals, unaccepted invitations, ticket mailbox sync and delivery, logging webhook delivery, disabled webhook endpoints, webhook configuration, Slack, external calendar syncs, custom domains, API key usage, public page sessions, public page search, attachment scans, and ticket mailbox limits.

Warnings include a Recommended fixes section when Bnder can identify the owning workflow. Billing warnings can open the billing portal directly. Integration, domain, access, quota, and security posture warnings show focused next steps and buttons to the relevant settings page.

Quota and usage warnings include Usage context when enough data is available: current usage, warning threshold, change since the previous monitor sample, and a projected exhaustion time if the current trend can be estimated.

Mailbox, webhook, calendar, custom domain, and API usage warnings can also show Diagnostics with affected resources, recent failure counts, verification states, sync timing, and aggregate usage details.

Integration warnings are scoped to integrations that apply to the workspace. For example, Slack health appears for Slack workspaces, not for Discord-only workspaces.

Checks At A Glance

  • Security: malware detections, stale scanner signatures, unavailable attachment scanning, risky upload allowlists, open upload policies, risky public ticket uploads, scan queue backlog, exhausted scan retries, and exhausted attachment scan quota.
  • Billing: past-due subscriptions, failed or incomplete payments, active payment recovery, and seats that may be removed after payment recovery.
  • Workspace access: missing owner, no effective workspace admin, too many admins, pending member approvals, and stale invitations.
  • Ticket mailboxes: authentication failures, stalled inbound sync, outbound delivery failures, and mailbox slot limits.
  • Webhooks: repeated delivery failures, disabled endpoints, endpoint limit pressure, and endpoints targeting deleted projects.
  • Integrations: Slack workspace connection health for Slack workspaces, external calendar sync failures, custom domain verification, and custom domain certificate failures.
  • Usage quotas: storage, API requests, public page sessions, public page search, ticket mailbox capacity, and attachment scan usage.

Warnings include action buttons when Bnder can open the related settings page directly, including Organization settings for seat and permission issues.

Repeated warnings keep their original first-seen time so admins can tell whether an issue is new or recurring.

Webhook endpoints can be disabled automatically after repeated delivery failures. Workspace Monitor shows that warning so admins can edit or replace the endpoint.

The Healthy checks list shows monitor groups that currently have no active warning or critical issue.

The Operational history section shows recent non-malware health events, including when a warning started, reopened, or was fixed.

Attachment scan retry warnings include recent failed retry details, including the affected file, retry timing, and the last scanner error. Admins can retry failed cloud file, task attachment, and task comment attachment scans directly from the detail panel after the underlying scanner or quota issue has been fixed.

The malware remediation card updates automatically when malware scan results or remediation metadata changes. Admins can mark a malware incident as a false positive for review. After that review state is set, the restore action changes the current scan verdict to clean and removes the file from the active malware report without deleting it.

Use Plans & Seats for billing capacity, seat assignment, plan comparison, and upgrade actions. Use Workspace Monitor when a current operational warning needs attention.