.png)
Audit
Definition
The Audit allows to search for audit events on criteria such as title, details, actors... and establish correlation between events.
The displayed results must provide information:
what was done on the application (success or failure)
when
by whom
It is possible to find in the audit the loggers configured in a Groovy script on an Attribute and on each Service (IDM, BUM and SYNC).
The settings to configure this are: idm.rule.audit.log, adm.rule.audit.log and sync.rule.audit.log. You must configure these settings to INFO or DEBUG.
Usage
You can access the Audit page :
by clicking on "System" → Audit
Search in Audit
The Audit page provides a list of Audit Events organized in reverse chronological order (more recent events are displayed first).
By default, when opening the Audit page, the search is defined by a date.
Actions | Description | Preview |
|---|---|---|
Add filter | You can add one or several filters to search more precisely for an Audit Event by clicking on "Add Filter..." button. |  |
Filters will be added at the top of the page. You can delete one or several filters by clicking on the displayed trash icon on each line. |  | |
Display technical information | By clicking on the checkbox button, allows to display the configured search expression on the setting "audit.search.defaultFilter" is applied. When you clicking on this checkbox button, the search is auto-executed. |  |
Search for Audit Events | The results are displayed according to the filters. |  |
View an Audit Event | You can view details of audit events by clicking on the arrow displayed on the line. By clicking on the "View Full Audit Event", you can view more information about the event. |  |
Audit Events
Audit Events must provide a way to structure the difference between the "before" and "after" state of an object, to namely underline the list of its modified properties.
Filters
Name | Type | Description |
|---|---|---|
Actor |
| Allows to search by a user or an account that are affected by the event (beneficiary, requester, notification actor...). |
Application identifier |
| Allows to search by identifier of the application. |
Application names |
| Allows to search by names of the application (Citadel BUM, Citadel I18N, Citadel IDM, Citadel Notify, Domino Sync). |
Application versions |
| Allows to search by versions of the application. |
Attachments Purposes |
| Allows to search by attachments purposes (Exception, Original, Target, Rule script...). |
Date |
| Allows to search by date (year, month, week, day, hour, minute, second) or by period. |
Detail |
| Allows to search by information about an operation (Workflows, Role Assignments, Object types (Identity, Organization, Role, Role Publication), Attributes...). |
Identifier |
| Allows to search by identifier who made an action. |
Outcomes | Allows to search on success or failure. | |
Resource |
| Describes a domain object that is used in the operation. It might be the target of the operation but also just accessory to the operation (for example a configuration might be used to operate on a managed object). Typical labels: TARGET, CREATED_OBJECT, CONFIGURATION... |
Titles |
| Describes the operation we are auditing. Typical values: OBJECT_CREATE, JOB_EXECUTE... |
Tracking |
| A unique string that allows multiple Audit Events to be correlated. This typically helps in obtaining all Audit Events that relate to the same resource, operation etc... Typical labels: LOG_TRACKING_ID, RESOURCE... |