Oracle® Identity Manager Administrative and User Console Guide Release 9.0 B25936-01 |
|
Previous |
Next |
Based on whether you access current operational data or historical data, the reports you can generate using Oracle Identity Manager are divided into Operational Reports and Historical Reports. This section describes how to run reports detailing the resources available to the users. There are two kinds of reports; Operational Reports and Historical Reports.
This chapter describes the standard operational and historical reports supported by Oracle Identity Manager in the following sections:
The following sections describe the out-of-box operational reports in Oracle Identity Manager.
Who Has What (Users' Entitlements)
This report provides administrators or auditors the ability to query entitlements for users that match the query parameters. This report can be used for operational and compliance purposes. This is an operational report, not a historical report.
This report provides administrators or auditors the ability to query all existing users provisioned to a resource. This report can be used for operational and compliance purposes. This is an operational report, not a historical report.
The following sections describe the out-of-box historical data reports in Oracle Identity Manager.
User Access History (Who Had What)
This report provides administrators or auditors the ability to view user's resource access history over user's lifecycle. This report can be used for compliance and forensic auditing purposes. This is not a user access profile snapshot report. This is a lifetime report showing entire history of user's entitlements.
This report provides administrators or auditors the ability to query all users provisioned to a resource over its lifecycle. This report can be used for compliance and forensic auditing purposes. This is not a resource access list snapshot report. This is a lifetime report showing entire history of resource's access list / entitlements.
This report provides administrators or auditors the ability to view user's profile history over user's lifecycle. This report can be used for compliance and forensic auditing purposes. This is not a user profile snapshot report. This is a lifetime report showing entire history of user's profile.
To run a Report:
Expand the Reports link and click Operational Reports or Historical Reports. The resulting screen displays a list of all the reports of that type that are available to the user. The reports are listed in a table with the following fields:
Field | Description |
---|---|
Report Name | Shows the unique name of the operational report, which is also a hyperlink to the input parameters for that report |
Report Code | Identifies a unique alpha numeric code for the report |
Report Type | Identifies the report type to help administrators organize their reports |
Description | Provides a short description of the report |
Select a report by clicking on its name. The Report Input Parameters screen appears. The Report Input Parameters screen displays the input parameters that need to be provided to run a report. In some cases, at least one or more input parameter fields will be required fields, that is these fields must be filled. If this is not the case, then you must populate at least one of the fields to run a report.
Enter the information required to identify what information the report contains.
Click the submit button to run the report. The Report Display page appears.
This page shows the report content. Three different display formats are available. The format information is included in the report meta data associated with each report. The three display formats are:
Simple Table Format
Sectional Format
Sectional Format with Report Header
By default, only 50 records appear on each page. This limit can be changed in the properties file. If there are multiple pages, then the First, Previous, Next, and Last navigation links at the top and bottom of the page are active.
The filter capability is to narrow the search criteria for a report. By default, three filters appear as a drop-down and a text field. Select the type of data from the drop-down, then enter a filter string in the text field. The asterisk (*) wildcard character can be used in the filter text box. An asterisk will represent any number of characters. For example, S*t will match Slashdot and Sat.
Filters narrow down the existing report, they do not generate a new report. For example, if the report is run with input parameter as [First Name=j*] (returns all records where the first name starts with 'j'), and then it is filtered again with [Last Name=Smith], this will return only those records which have first name starting with j, and last name as Smith.
Once the filter input is provided and the Filter button is clicked, the resulting report will be displayed on the same Report Display Page. The filter dropdowns and text boxes will reflect the filter values that were provided. The Clear button clears the filter fields.
The Change Input Parameters button returns you to the Input parameters page. The input parameter fields contain the information you already entered.
You can export all the report information as a single Comma Separated Values file, or CSV. Clicking on the CSV Export button prompts the user with a popup window to save the CSV file locally on the user's computer. By default, the name of the file is <report code>.csv.
The resource names and user IDs listed in the report may be links. Clicking these links opens a new Detail Page with more detailed information on that resource or user id.
Oracle Identity Manager supports the creation of reports using third-party tools like Crystal Reports. It supports the following out-of-the-box report types:
Who Has What. This report lists the users and the resource objects with which they have been provisioned.
Direct Provisioned. This report shows the following:
The resource object(s) that have been directly provisioned to the target user(s).
The user who have directly provisioned the resource object(s) for the target user(s).
The user(s) who received the resource object(s).
Requests Made. This report displays the requests that have been created by users.
Active Queue. This report is a sub-set of the Requests Made report. It lists the requests that have been approved by users.
Requests Executed. This report is a sub-set of the Active Queue report. It shows the requests that have been executed by Oracle Identity Manager.
Reconciled Apps. This report lists the successful reconciliation events. Reconciliation is the process whereby provisioning events outside of Oracle Identity Manager are made known to Oracle Identity Manager.
Reconciled Users. This report displays the users who have been added to Oracle Identity Manager using reconciliation.
Unreconciled Data. This report shows the reconciliation events that could not be matched to a specific user, organization, or provisioning process.
Note: To learn how to create reports using third-party software, refer to the software documentation. |