What is Data Exporter?

Identity Manager processes user account information on a wide range of systems and applications, providing a controlled, audited environment useful for making changes that remain in compliance with corporate policies. Identity Manager is a “data light” architecture. It locally stores a minimal amount of account information on the systems and applications that it manages and fetches the data from the actual system or application when necessary.

This architecture helps reduce data duplication and minimizes the risks of transferring stale data during provisioning operations, but there are times when having the account data stored locally is desirable. For example, being able to query account information without accessing the underlying system or application can bring significant performance improvements for some operations, such as identifying all accounts that have a specific attribute value. Typically, the use of system or application account data is related to reporting operations rather than provisioning operations, but in some cases the data does have value to the organization.

In addition to being a “data light” architecture, Identity Manager uses a “current data only” data model, which means it does not keep historical records (other than the audit and system logs). The advantage of this model is that the size of the operational repository tends to be proportional to the number of accounts, systems, and applications being managed. As a result, the provisioning system itself needs less maintenance. However, the data processed by Identity Manager may be valuable for historical processing.

For example, questions similar to the following rely on historical data:

• Who had access to system X between time A and B, and who approved of that access?

• How many provisioning requests have been processed in the last 48 hours, and how long did each request take?

Data Exporter allows you to selectively capture a large amount of the information processed by Identity Manager, including the account and workflow data necessary to answer questions like those listed above. Identity Manager produces this data in a form that can flow into a data warehouse to be further processed or used as a basis for queries and transformations using commercial database transformation, reporting, and analysis tools.

You are not required to export data from Identity Manager. If you do not need to track this type of the historical data, you are not required to keep it. If you require this data, you are free to establish your own data aging and retention policies without impact to Identity Manager.