The filterConfiguration attribute lists event groups, which are used to enable one or more events to pass through the event filter. Each group listed in the filterConfiguration attribute contains the attributes listed in Table 10–2.
Table 10–2 filterConfiguration Attributes
Example 10–5 illustrates the default Resource Management group.
<Object name=’Resource Management’> <Attribute name=’enabled’ value=’true’/> <Attribute name=’displayName’ value=’UI_RESOURCE_MGMT_GROUP_DISPLAYNAME’/> <Attribute name=’enabledEvents’> <List> <Object> <Attribute name=’objectType’ value=’Resource’/> <Attribute name=’actions’ value=’ALL’/> <Attribute name=’results’ value=’ALL’/> </Object> <Object> <Attribute name=’objectType’ value=’ResourceObject’/> <Attribute name=’actions’ value=’ALL’/> <Attribute name=’results’ value=’ALL’/> </Object> </List> </Attribute> </Object> |
Identity Manager provides default audit event groups. These groups, and the events they enable, are described in the following sections:
You can configure audit event groups from the Audit Configuration page of the Identity Manager Administrator interface (Configure > Audit). See Configuring Audit Groups and Audit Events for instructions.
You can also configure successful or failed events for each group from the Audit Configuration page. The interface does not support adding or modifying enabled events for groups, but you can do this by using the Identity Manager debug pages (The Identity Manager Debug Page).
Not every action that you can choose for an audit event group results in a log record. Also, selecting the “All Actions” option does not mean that all listed actions are available or possible for all audit event groups.
This group is enabled by default.
Table 10–3 Default Account Management Event Groups
Type |
Actions |
---|---|
Encryption Key |
All Actions |
Identity System Account |
All Actions |
Resource Account |
Approve, Create, Delete, Disable, Enable, Modify, Reject, Rename, Unlock |
Workflow Case |
End Activity, End Process, End Workflow, Start Activity, Start Process, Start Workflow |
User |
Approve, Create, Delete, Disable, Enable, Modify, Reject, Rename |
This group is disabled by default.
Table 10–4 Changes Outside Identity Manager Event Groups and Events
Type |
Actions |
---|---|
ResourceAccount |
NativeChange |
This group is enabled by default.
Table 10–5 Default Compliance Management Group Events
Type |
Actions |
---|---|
Audit Policy |
All Actions |
AccessScan |
All Actions |
ComplianceViolation |
All Actions |
Data Exporter |
All Actions |
UserEntitlement |
Attestor Approved, Attestor Rejected, Remediation Requested, Rescan Requested, Terminate |
Access Review Workflow |
All Actions |
Remediation Workflow |
All Actions |
This group is enabled by default.
Table 10–6 Default Configuration Management Event Groups
Type |
Actions |
---|---|
Configuration |
All Actions |
UserForm |
All Actions |
Rule |
All Actions |
EmailTemplate |
All Actions |
LoginConfig |
All Actions |
Policy |
All Actions |
XmlData |
Import |
Log |
All Actions |
This group is enabled by default.
Table 10–7 Default Event Management Event Groups
Type |
Actions |
---|---|
|
Notify |
TestNotification |
Notify |
This group is enabled by default.
Table 10–8 Default Identity Manager Logins/Logoffs Event Groups
Type |
Actions |
---|---|
User |
Credentials Expired, Lock, Login, Logout, Unlock, Username Recovery |
This group is enabled by default.
Table 10–9 Default Password Management Event Groups and Events
Type |
Actions |
---|---|
Resource Account |
Change Password, Reset Password |
This group is enabled by default.
Table 10–10 Default Resource Management Event Groups and Events
Type |
Actions |
---|---|
Resource |
All Actions |
Resource Object |
All Actions |
ResourceForm |
All Actions |
ResourceAction |
All Actions |
AttrParse |
All Actions |
Workflow Case |
End Activity, End Process, End Workflow, Start Activity, Start Process, Start Workflow |
This group is disabled by default.
Table 10–11 Default Role Management Event Groups and Events
Type |
Actions |
---|---|
Role |
All Actions |
This group is enabled by default.
Table 10–12 Default Security Management Event Groups and Events
Type |
Actions |
---|---|
Capability |
All Actions |
EncryptionKey |
All Actions |
Organization |
All Actions |
Admin Role |
All Actions |
This group is enabled by default.
Table 10–13 Service Provider Event Groups and Events
Type |
Actions |
---|---|
Directory User |
Challenge Response, Create, Delete, Modify, Post-Operation Callout, Pre-Operation Callout, Update Authentication Answers, Username Recovery |
This group is disabled by default.
Table 10–14 Task Management Event Groups and Events
Type |
Actions |
---|---|
TaskInstance |
All Actions |
TaskDefinition |
All Actions |
TaskSchedule |
All Actions |
TaskResult |
All Actions |
ProvisioningTask |
All Actions |