Oracle Identity Analytics Business Administrator's Guide 11g Release 1

Working With Audit Rules

An identity audit rule has a rule condition. If, during an audit policy scan, the rule condition evaluates to true, the rule is triggered.

You can define complex rules with nested conditions based on user information, resource type attributes, role metadata, classification, and business structure metadata.

An audit rule can be assigned one of three states: active, inactive, and decommissioned. Only active rules associated with an identity audit policy can be scanned.

Impact of Rule Condition Modifications

When a rule condition is modified, all policies associated with this rule are impacted. If the modified rule is the cause of any existing open violations in the system, the cause and the associated violation will be impacted by the change in condition.

When users associated with such an impacted violation are scanned against the policies associated with the modified rule, the following actions are taken on the violation:

  1. A check is made to determine whether the modified condition still causes an exception.

  2. If the rule condition still results in an exception, then the violation cause status is set to "Active." Otherwise, it is set to "Inactive."

  3. The parent violation is updated accordingly.
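
The following sketch models the re-scan steps above together with nested And / Or rule conditions. It is an added example, not Oracle Identity Analytics code: the condition format, the attribute and rule names, the sample data, and the way the parent violation is updated (a count of active causes) are all assumptions made for illustration.

```python
# Illustrative model only; not Oracle Identity Analytics code or its data model.
import copy
import operator

OPS = {"equals": operator.eq, "not_equals": operator.ne,
       "contains": lambda have, want: want in (have or ())}

def evaluate(cond, user):
    """Evaluate a nested rule condition against one user record.

    Leaf: {"attr", "op", "value"}. Group: {"all": [...]} for And,
    {"any": [...]} for Or. Groups nest, like Group/Ungroup in the wizard.
    """
    if "all" in cond:
        return all(evaluate(c, user) for c in cond["all"])
    if "any" in cond:
        return any(evaluate(c, user) for c in cond["any"])
    return OPS[cond["op"]](user.get(cond["attr"]), cond["value"])

def rescan(violation, rules, user):
    """Steps 1-3: re-check every cause, set its status, update the parent."""
    for cause in violation["causes"]:
        hit = evaluate(rules[cause["rule"]], user)            # step 1
        cause["status"] = "Active" if hit else "Inactive"     # step 2
    # Step 3. Assumption: the parent records how many causes remain Active.
    violation["active_causes"] = sum(
        c["status"] == "Active" for c in violation["causes"])
    return violation

# Constructed sample data (hypothetical attribute and rule names).
USER = {"department": "Finance", "roles": ["AP_ENTRY", "VENDOR_ADMIN"]}
RULES = {"sod-ap-vendor": {"all": [
    {"attr": "department", "op": "equals", "value": "Finance"},
    {"any": [{"attr": "roles", "op": "contains", "value": "VENDOR_ADMIN"},
             {"attr": "roles", "op": "contains", "value": "PAYMENT_APPROVER"}]}]}}

def demo():
    """Scan, narrow the rule condition, scan again; return both cause statuses."""
    violation = {"user": "jdoe", "causes": [{"rule": "sod-ap-vendor"}]}
    before = copy.deepcopy(rescan(violation, RULES, USER))
    edited = copy.deepcopy(RULES)
    # The modification: the Or group no longer lists VENDOR_ADMIN.
    edited["sod-ap-vendor"]["all"][1]["any"].pop(0)
    after = rescan(violation, edited, USER)
    return before["causes"][0]["status"], after["causes"][0]["status"], after["active_causes"]

if __name__ == "__main__":
    print(demo())
```

In this model, narrowing the condition flips the existing cause from "Active" to "Inactive" on the next scan without any change to the user's access, which is why a rule edit should be reviewed for its effect on open violations before it is saved.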

Impact of Adding / Removing Rules in a Policy

Removing one or more rules from a policy is allowed only if all violations associated with that policy are in the "Closed" state.

So if you intend to remove rules, you must change all unresolved (Open, Closed as Fixed, Closed as Risk Accepted) violations to the "Closed" state.

Adding new rules to an existing policy is allowed. However, this change can impact some existing unresolved violations. The next time the modified policy is scanned, existing open violations that are impacted by this change are updated, and new ones are created if the new rules have caused exceptions.

To Create Audit Rules

  1. Log in to Oracle Identity Analytics.

  2. Choose Identity Audit > Rules.

  3. Click New Rule.

    The New Rule form wizard opens.

  4. Enter a name and description for the rule, and select whether the rule should be Active or Inactive.

  5. Create one or more conditions for the rule.

    Select the Object (User, Role, Business Unit, and Resource Types objects are provided), the corresponding attribute, and the rule condition, and then enter the value.

    You can use operators such as And / Or to add more conditions.

    Use the Group and Ungroup buttons to create complex conditions.

  6. Click Save.

    The rule is created and is displayed on the Rule page.

To Edit / Change the State of an Audit Rule

  1. Log in to Oracle Identity Analytics.

  2. Choose Identity Audit > Rules.

    All the rules that have been created are displayed.

  3. Click the rule that you want to edit or to make active/inactive.

    The Edit Rule page opens.

  4. Edit the fields, as required.

  5. Change the state to Active, Inactive, or Decommissioned, as required.

    A decommissioned rule is inactive permanently. This rule cannot be activated again. However, all information about the rule is retained in Oracle Identity Analytics.

  6. Click Save.