A diff is usually a method of comparing 2 configs such as master vs model.
Depending on how you are maintaining the master/model, this could be meaningless.
If you are maintaining master/model sync, then the report will be empty: which you don't want.
If you are not maintaining master/model sync, then the report will be cumulative, which you don't want.
I would likely create a solution outside of the IG toolset using Kettle.
- download the current model to file.
- compare to yesterday's (previous) file and create report
- rotate files (move current to previous)
- schedule to run daily.
Original Message:
Sent: 04-01-2020 12:24 PM
From: Muzi Lubisi
Subject: Identity Governance: Config Compare as Business Report
Good afternoon
We have a customer that would like to use the IG DIFF report for business reporting. They would like to run this daily to check for users that have been assigned sensitive access. They would like this report generated and exported from within the IG console, preferably on a schedule.
We can generate the audit cards to display this data, but these cannot be exported. The DIFF report described in the link does not present in a form that business users can use without intervention.
Has anyone had this requirement before or know of how this information can be drawn from the system?
Kind regards,
Muzi Lubisi
IG Compare Operation:
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/identity-governance/14-3/client-tools/manage-configurations-and-databases/compare-operations.html