User-centric operations in Oracle Identity Manager goes through multiple stages of orchestration. For example, the create user operation has multiple orchestration stages. If the operation at any stage generates an error, then that can be tracked by using the orchestration dashboard in Oracle Enterprise Manager. The orchestration dashboard shows the following:
A trace of all recent user operations
Short error messages with full exception stack
Error logs
SOA composite instance details
The predefined and custom event handlers configured for an operation
Search results based on various criteria
To access the orchestration dashboard:
Log in to Oracle Enterprise Manager.
Expand Farm_WLS_IDM, Identity and Access, OIM.
The OIM page is displayed with three tabs: Dashboard, Operations, and Instances. For information about these tabs, see the subsequent sections.
The Dashboard tab tracks and displays all the recent operations and failures. It consists of the following sections:
Recent Operations: By default, it displays in a tabular format the recent operations. From the drop-down list on the top right of the table, you can select any other value, such as Last 48 Hours or ALL, to display the information for the selected time period.
Failed Operations: By default, it displays in a tabular format the operations that failed in the last 24 hours. From the drop-down list on the top right of the table, you can select any other value, such as Last 48 Hours or ALL, to display the information for the selected time period.
Table 23-1 lists the columns in the Recent Operations and Failed Operations sections of the Dashboard.
Table 23-1 Recent Operations and Failed Operations
Column | Description |
---|---|
Operation |
This is the operation name, such as Create User, Provision Account, and Assign Role Membership. |
Operation ID |
Identification number that uniquely identifies the operation. This is a hyperlink. You can click the operation ID hyperlink to display additional details about the operations, such as the event handlers that have executed as a part of the operation, the orchestration stage, and status of each event handler execution. |
Beneficiary |
The user login of the beneficiary of the operation. For example, in a create user operation, the user is the beneficiary. |
Status |
Status of the operation, such as COMPLETED or FAILED. For failed operations, the statuses can be COMPENSATED or CANCELED. |
Start Date |
The start date of the operation. |
Error Message |
Error message, if an error has occurred. |
Context |
The context of the operation, such as ADMIN or REQUEST. For information about context, see . |
Context ID |
The context ID that uniquely identifies the context. Link if context is REQUEST. |
ECID |
This is the Execution Context ID. It is an unique ID to track an operation across some Fusion Middleware components, such as SOA or OID. |
Is Bulk |
Whether the operation is a bulk operation or single operation. The value is true for bulk operation and false for single operation. |
Clicking an operation ID in the Operation ID column displays the operation details in a new tab. The operation details tab consists of the following sections:
Event Handlers: Details of the event handlers that have executed as part of the operation.
Fault Handlers: Details of the fault handlers that have executed as part of the operation.
Table 23-2 lists the columns in the Event Handlers and Fault Handlers sections.
Table 23-2 Event Handlers and Fault Handlers
Column | Description |
---|---|
Event ID |
The event handler ID. |
Caused Event ID |
The unique ID to track the failed handler as a result of which the fault handler executes. |
Event Handler |
The names of the event handlers that have executed as a part of the operation. |
Stage |
The orchestration stage, such as VALIDATION or POST PROCESS. |
Status |
The status of the operation, such as COMPLETED or FAILED. |
Start Time |
The start time of the event handler execution. |
End Time |
The end time of the event handler execution. |
Error Message |
The error message that is generated while executing the event handler. This is a hyperlink, clicking which displays the full error or exception stack in a popup. |
If you click a value in the ECID column of the operation details page, the Log Messages page is displayed. This page provides a list of all error messages that have been logged, and allows you to search and filter the messages. The corresponding row for the ECID that you clicked on the operation details page is selected by default.
To search for log messages:
In the Search section of the Log Messages page, specify values in the fields listed in Table 23-3:
Table 23-3 Log Messages Search Fields
Field | Description |
---|---|
Date Range |
The date range for which you want to display the log messages. The date range can be specified in a combination of lists and input fields. For example, the date range can be Most Recent, and you can specify a number of days and weeks for which the log messages will be displayed. Select any one of the following:
|
Message Types |
The message types that you want to include in your search criteria, such as Incident Error, Error, Warning, Notification, Trace, and Unknown. Select the checkbox for these message types to include them in the search criteria. This is a mandatory search criteria and you must select at least one message type to perform the search. |
Message |
If you are searching for one or more messages with specific content, then you can specify the criteria in this field. For example, you can select |
ECID |
The ECID that you want to specify as the search criteria. When the you click the ECID value in the operation details page, the Log Messages page is displayed with the selected ECID in this field. If you do not want to include the ECID in the search criteria, then remove the value from this field, or click the cross icon adjacent to the ECID field. |
Click Search. The results that match the search criteria are displayed in a tabular format.
In the search results table, select a row to display the details of the row or log message in the lower part of the page.
If you want to add or remove search fields, then click Add Fields, and select the fields from the list that you want to add. Similarly, you can deselect a field to remove it. Then, click Add.
To go back to the Dashboard, click Oracle Identity Manager Cluster on the top of the page, and select Administration.
For a log message with status as FAILED_WITH_COMPENSATION, the message is not displayed. If you want to retrieve information about the context, then click the context ID in the Context ID column. If the context is REQUEST, then the OIM Contxt Worlflow dialog box is displayed with the corresponding ECID, composite name, and the conversation ID. The conversation ID uniquely distinguishes between the invocation of SOA instances.
The Operations tab lists all operations that are configured and deployed. Click an operation to display configuration details, which includes all the event handlers that are configured for the selected operation. When you select an operation, the configuration details are shown in the Configurations section on the lower part of the page. This section displays the event handlers and fault handlers that are configured as part of the selected operation.
Table 23-4 lists the columns in the tables of the Operations tab:
Table 23-4 Columns in the Operations Tab Table
Column | Description |
---|---|
Event Handler |
The event handlers or fault handlers that are configured as part of the selected operation. |
Class |
The class of event handler or fault handler, such as oracle.iam.request.eventhandlers.ChildRequestValidationHandler. |
Stage |
The stage of orchestration in which the event handler is in, such as PREPROCESS and VALIDATION. |
Order |
The order in which the event handlers have executed. |
Location |
The directory path of the EventHandler.xml file that is associated with the event handler or fault handler. |
Custom/OOB |
Whether the event handler or fault handler is a default handler or a custom handler. |
Conditional |
Whether or not the event handler or fault handler is conditional. |
The Instances tab displays information about the operation instances and allows you to search for instances of a specific operation. For example, if a user creation operation fails and you want to find out the process ID to diagnose and troubleshoot, then you can either view the corresponding operation ID in the Dashboard tab or search for the operation in the Instances tab, such as by beneficiary.
To search for operation instances:
Click the Instances tab.
In the Search section, select any one of the following for the March field:
Match All: Specifies that all instances that match the search criteria are displayed in the search result.
Match Any: Specifies that any instance that matches the search criteria is displayed in the search result.
Enter values in any one of more of the other fields, such as Operation, Beneficiary, Status, Operation ID, or Request ID if the values are known to you.
Click Search. The search result is displayed in tabular format in the Instances section in the lower part of the page. The Operation ID and ECID displayed in the search results table are hyperlinks, clicking which displays the operation details and log messages respectively.