| Oracle® Identity Manager Audit Report Developer's Guide Release 9.0.3 Part Number B32456-01 |
|
|
View PDF |
| Oracle® Identity Manager Audit Report Developer's Guide Release 9.0.3 Part Number B32456-01 |
|
|
View PDF |
Oracle Identity Manager provides audit and compliance reporting. You can use the audits and reports to capture and archive entity and transaction data for compliance monitoring and for IT-centric process and forensic auditing. Oracle Identity Manager, with the audit and compliance modules, provides user profile audits, reports, and attestation.
Oracle Identity Manager auditing consists of historical data, a reporting engine, and a an interface. Archived data identifies users, the information that the users can access, the purpose for the access privileges, and the means for providing the information. You can capture, transport, store, retrieve, and remove historical data over its lifecycle. Security is maintained at every part of the data lifecycle.
This guide discusses user profile auditing and reporting. See the Oracle Identity Manager Administrative and User Console Guide for attestation details.
This chapter discusses the following topics:
Figure 1-1 shows the design components of the Oracle Identity Manager auditing process.
Figure 1-1 Design Components of the Auditing Process
Any action that a user takes in Oracle Identity Manager translates into an application programming interface (API) call or into an MDB picking up a message to process an action.One action can cause multiple changes. All changes are combined into an audit transaction. Each API method that can modify data objects calls the startTransaction method in the audit engine at the beginning of the API and the endTransaction method at the end of the method call. This defines boundaries for the audit transaction. The audit engine generates a transaction ID to identify the changes made in the transaction.
Oracle Identity Manager provides auditing and historical archiving of a user profile. It takes a snapshot of a user profile, stores the snapshot in an audit table in the database, and updates the snapshot each time the user data changes.
Oracle Identity Manager includes standard reports for displaying archived data. You can also create customized reports.
When you first install Oracle Identity Manager, it uses a primary data source for creating reports. To reduce the load on the primary data source, you can configure a secondary data source for reporting. To use a secondary database, you need to configure replication of data between the transactional data and the reporting database.
