Skip Headers
Oracle® Identity Manager Audit Report Developer's Guide
Release 9.1.0

Part Number E10365-03
Go to Documentation Home
Go to Book List
Book List
Go to Table of Contents
Go to Index
Go to Feedback page
Contact Us

Go to previous page
Go to next page
View PDF

1 Introduction to Oracle Identity Manager Auditing

Oracle Identity Manager provides a powerful audit engine to collect extensive data for audit and compliance purposes. It also provides a flexible reporting engine to run reports on that data. The customer can use the Audit and Report functionality together to capture, archive, and view entity and transactional data for compliance monitoring and IT-centric processes and forensic auditing. Therefore, with the audit and compliance modules, Oracle Identity Manager provides profile auditing, reporting, and attestation features. You can capture, transport, store, retrieve, and remove historical data over its life cycle. Security is maintained at every stage of the data life cycle.

This guide discusses the profile auditing and reporting features of Oracle Identity Manager. See Oracle Identity Manager Administrative and User Console Guide for attestation details.

This chapter discusses the following topics:

Auditing Design Components

Figure 1-1 shows the design components of the Oracle Identity Manager auditing process.

Figure 1-1 Design Components of the Auditing Process

Description of Figure 1-1 follows
Description of "Figure 1-1 Design Components of the Auditing Process"

Any action that a user performs in Oracle Identity Manager translates into an Application Programming Interface (API) call or into a Message Driven Bean (MDB) picking up a message to process an action.

One action can cause multiple changes. All changes are combined into an audit transaction. Each API method that can modify data objects calls the startTransaction method in the audit engine at the beginning of the API call and the endTransaction method at the end of the API call. This defines boundaries for the audit transaction. The audit engine generates a transaction ID to identify the changes made in the transaction.

Profile Auditing

Oracle Identity Manager provides auditing and historical archiving of profile information. It takes a snapshot of a profile, stores the snapshot in an audit table in the database, and updates the snapshot each time the profile data changes.


In the context of profile auditing, the term snapshot means a copy taken of the entire profile data at any instant when the data is modified.

Standard and Customized Reports

Oracle Identity Manager provides standard reports for viewing archived data. You can also create customized reports.

Secondary Data Source Reporting

When you first install Oracle Identity Manager, it uses a primary data source for creating reports. To reduce the load on the primary data source, you can configure a secondary data source for reporting. To use a secondary database, you must configure the replication of data between transactional data and the reporting database.