Symantec IGA

We are using vAPP 14.1 and I have to analyze a lot of data based on which attribute is changed when and for which user. And for that I have to open each MODIFU USER Task > Modify User Event and see which attribute is updated.

Is there any way I can check the Attributes Changed from DB for a users for all its Modfy requests. I can see TaskSession12_5 table and Event12_5 table but they do not contain information of which attribute was updated. opening each request takes few mins and its very time consuming tasks.

Your help here will be highly appreciated!!

Thanks in advance!
Tanu Goyal

A better plan for you may be auditing.

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/identity-manager/14-3/configuring/auditing.html



------------------------------
And, as always Perhaps there are others in the communities who have experience in doing this and we invite them to comment here also.

Another option may be to reach out to our partner HCL Technologies to see in what way they can assist further. The Enterprise Studio team of HCL can be reached at enterprisestudio@hcl.com. https://www.hcltech.com/enterprise-studio
------------------------------

Original Message:
Sent: 04-27-2020 04:46 AM
From: Tanu Goyal
Subject: Attributes changed in DB TABLE

We are using vAPP 14.1 and I have to analyze a lot of data based on which attribute is changed when and for which user. And for that I have to open each MODIFU USER Task > Modify User Event and see which attribute is updated.

Is there any way I can check the Attributes Changed from DB for a users for all its Modfy requests. I can see TaskSession12_5 table and Event12_5 table but they do not contain information of which attribute was updated. opening each request takes few mins and its very time consuming tasks.

Your help here will be highly appreciated!!

Thanks in advance!
Tanu Goyal

Where can I find these Audit logs or corresponding configurations, any idea would be further helpful.

Thanks,
Tanu Goyal
Original Message:
Sent: 04-27-2020 09:16 AM
From: Bill Patton
Subject: Attributes changed in DB TABLE

A better plan for you may be auditing.

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/identity-manager/14-3/configuring/auditing.html

• Enable auditing for Identity Manager admin tasks.
• Enable auditing for some or all of the Identity Manager events generated by admin tasks.
• Record event information at specific states, for example, when an event completes or is canceled.
• Log information about attributes involved in an event. For example, you can log attributes that change during a ModifyUserEvent.
• Set the audit level for events and attributes.

------------------------------
And, as always Perhaps there are others in the communities who have experience in doing this and we invite them to comment here also.

Another option may be to reach out to our partner HCL Technologies to see in what way they can assist further. The Enterprise Studio team of HCL can be reached at enterprisestudio@hcl.com. https://www.hcltech.com/enterprise-studio

Original Message:
Sent: 04-27-2020 04:46 AM
From: Tanu Goyal
Subject: Attributes changed in DB TABLE

We are using vAPP 14.1 and I have to analyze a lot of data based on which attribute is changed when and for which user. And for that I have to open each MODIFU USER Task > Modify User Event and see which attribute is updated.

Is there any way I can check the Attributes Changed from DB for a users for all its Modfy requests. I can see TaskSession12_5 table and Event12_5 table but they do not contain information of which attribute was updated. opening each request takes few mins and its very time consuming tasks.

Your help here will be highly appreciated!!

Thanks in advance!
Tanu Goyal

Hi Tanu
As long as Audit is configured in your environment (Management Console > Audit > Enable), the audit DB would hold this information. 
Reviewing the following chapter would give you a good idea about the required configuration
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/identity-manager/14-3/management-console-help/how-to-configure-auditing.html

Regards
Rinat
Original Message:
Sent: 05-06-2020 07:46 AM
From: Tanu Goyal
Subject: Attributes changed in DB TABLE

Where can I find these Audit logs or corresponding configurations, any idea would be further helpful.

Thanks,
Tanu Goyal
Original Message:
Sent: 04-27-2020 09:16 AM
From: Bill Patton
Subject: Attributes changed in DB TABLE

A better plan for you may be auditing.

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/identity-manager/14-3/configuring/auditing.html

• Enable auditing for Identity Manager admin tasks.
• Enable auditing for some or all of the Identity Manager events generated by admin tasks.
• Record event information at specific states, for example, when an event completes or is canceled.
• Log information about attributes involved in an event. For example, you can log attributes that change during a ModifyUserEvent.
• Set the audit level for events and attributes.

------------------------------
And, as always Perhaps there are others in the communities who have experience in doing this and we invite them to comment here also.

Another option may be to reach out to our partner HCL Technologies to see in what way they can assist further. The Enterprise Studio team of HCL can be reached at enterprisestudio@hcl.com. https://www.hcltech.com/enterprise-studio

Original Message:
Sent: 04-27-2020 04:46 AM
From: Tanu Goyal
Subject: Attributes changed in DB TABLE

We are using vAPP 14.1 and I have to analyze a lot of data based on which attribute is changed when and for which user. And for that I have to open each MODIFU USER Task > Modify User Event and see which attribute is updated.

Is there any way I can check the Attributes Changed from DB for a users for all its Modfy requests. I can see TaskSession12_5 table and Event12_5 table but they do not contain information of which attribute was updated. opening each request takes few mins and its very time consuming tasks.

Your help here will be highly appreciated!!

Thanks in advance!
Tanu Goyal

We do not have Audit configured in our environment.

But thanks for your information. It was helpful to understand for options.
Original Message:
Sent: 05-12-2020 09:17 AM
From: Rinat Matityahu
Subject: Attributes changed in DB TABLE

Hi Tanu
As long as Audit is configured in your environment (Management Console > Audit > Enable), the audit DB would hold this information.
Reviewing the following chapter would give you a good idea about the required configuration
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/identity-manager/14-3/management-console-help/how-to-configure-auditing.html

Regards
Rinat
Original Message:
Sent: 05-06-2020 07:46 AM
From: Tanu Goyal
Subject: Attributes changed in DB TABLE

Where can I find these Audit logs or corresponding configurations, any idea would be further helpful.

Thanks,
Tanu Goyal
Original Message:
Sent: 04-27-2020 09:16 AM
From: Bill Patton
Subject: Attributes changed in DB TABLE

A better plan for you may be auditing.

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/identity-manager/14-3/configuring/auditing.html

• Enable auditing for Identity Manager admin tasks.
• Enable auditing for some or all of the Identity Manager events generated by admin tasks.
• Record event information at specific states, for example, when an event completes or is canceled.
• Log information about attributes involved in an event. For example, you can log attributes that change during a ModifyUserEvent.
• Set the audit level for events and attributes.

------------------------------
And, as always Perhaps there are others in the communities who have experience in doing this and we invite them to comment here also.

Another option may be to reach out to our partner HCL Technologies to see in what way they can assist further. The Enterprise Studio team of HCL can be reached at enterprisestudio@hcl.com. https://www.hcltech.com/enterprise-studio

Original Message:
Sent: 04-27-2020 04:46 AM
From: Tanu Goyal
Subject: Attributes changed in DB TABLE

We are using vAPP 14.1 and I have to analyze a lot of data based on which attribute is changed when and for which user. And for that I have to open each MODIFU USER Task > Modify User Event and see which attribute is updated.

Is there any way I can check the Attributes Changed from DB for a users for all its Modfy requests. I can see TaskSession12_5 table and Event12_5 table but they do not contain information of which attribute was updated. opening each request takes few mins and its very time consuming tasks.

Your help here will be highly appreciated!!

Thanks in advance!
Tanu Goyal