We have enabled the below list in audit configuration page of IIQ but unable to understand what we need select in the Action tab under Audit in Advanced Analytics,
Certification Signoff (not found)
Role sunrise (Not found)
Role sunset (Not found)
Allow Exception on Violation (Not found)
Correct Violation(Not found)
Plugin Installed (Not found)
Plugin Upgraded(Not found)
Plugin Uninstalled(Not found)
Entitlements Request Started (Not found)
Identity Edit Request Started (Not found)
Manual Provisioning( not found)
Roles Request Started (Not found)
Unlock (Not found)
Identity Locked (not found)
Identity Unlocked (not found)
Authentication Answer Incorrect (not found)
Password Policy Changed (not found)
API Configuration Changed (not found)
Privileged Account (Not found)
Assigned Roles (Not found)
Capabilities (Not found)
Authorized Scopes (Not found)
Password (Not found)
Assigned Scope (Not found)
Correlation Status (Not found)
EmailTemplate (Not found)
UIConfig (Not found)
Workflow (Not found)
We need to know under which “Action” item we will find these.
Go to Debug page, select the AuditConfig object and open the AuditConfig.
you can find the name of audit action. Same name should be selected in the Action tab under adavanced analytics
@Arun-Kumar thanks for the clarification. The names are not straight forward. Even with the same name i don’t see anything in advanced analytics → audit → action. Is it named enable disable there in UI?
You can perform a simple test by enabling the Login Failure Audit event in audit configuration. First, log out of SailPoint and attempt to log in with incorrect credentials. After that, log in with the correct credentials and check for an audit action named ‘loginFailure.’ This exact name can be found in the AuditConfig object on the debug page.
In short, make sure to trigger the event after enabling the audit event.
There is no option to generate all the events at once. For testing, you can create a dummy event from debug. Once the dummy event created, you can able to view from Advanced Analytics.
Anyone has idea on how to test the below events, as these are not part of Audit actions
Privileged Account (Not found)
Assigned Roles (Not found)
Capabilities (Not found)
Authorized Scopes (Not found)
Password (Not found)
Assigned Scope (Not found)
Correlation Status (Not found)
EmailTemplate (Not found)
UIConfig (Not found)
Workflow (Not found)