Sun Identity Manager 8.1 Business Administrator's Guide

Configuring the Audited Attribute Report

The Audited Attribute Report (see Table 15–1) can report attribute-level changes to Identity Manager users and accounts. Standard audit logging, however, does not generate enough audit log data to support a full query expression.

Standard audit logging does write the changed attributes to the acctAttrChanges field in the audit log, but the changed attributes are written in a way that the report query can only match records based on the changed attribute’s name. The report query cannot accurately match the attribute’s value.

You can configure this report to match records containing changes to the attribute lastname, by specifying the following parameters:

Attribute Name = ’acctAttrChanges’
Condition = ’contains’
Value = ’lastname’

Note –

Using Condition=’contains’ is necessary because of the way data is stored in the acctAttrChanges field. This field is not multi-valued. Essentially, it is a data structure that contains the before/after values of all changed attributes in the form attrname=value. Consequently, the preceding settings allow the report query to match any instances of lastname=xxx.

It is also possible to capture only those audit records that have a specific attribute with a specific value. To do this, follow the procedure in the Configuring the Audit Tab section. Select the Audit entire workflow checkbox, click the Add Attribute button to select the attributes you want to record for reporting purposes, and click Save.

Next, enable the task template configuration (if it is not already enabled). To do this, follow the procedure in the Enabling the Task Templates section. Do not change the default value in the Selected Process Types list, just click Save.

The workflow can now provide audit records that are suitable for matching both the attribute name and the value. Although turning on this level of auditing provides much more information, be aware that there is a significant performance cost and your workflows will run slower.