During monitoring activity my code is taking too much time to Itrate over identity

IdentityIQ (IIQ) IIQ Discussion and Questions
,
1

Which IIQ version are you inquiring about?

Version 8.3

Share all details related to your problem, including any error messages you may have received.

Hi Team,

I have written some code to monitor sailpoint but it take to much time during running. Is there any alternate way to do this.

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE Rule PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<Rule language="beanshell"  name="getAllIdentity">
  <Source>
  import java.util.ArrayList;
  import java.util.*;
  import sailpoint.api.SailPointContext; 
  import sailpoint.object.Identity; 
  import sailpoint.object.QueryOptions;
  import sailpoint.object.Filter;
  import sailpoint.object.Application;
  import sailpoint.object.Link;
  import sailpoint.object.ManagedAttribute;
  import sailpoint.object.Bundle;
  import sailpoint.object.AuditEvent;
  import sailpoint.object.IdentityRequest;
  import sailpoint.tools.GeneralException;
   import sailpoint.object.AuditEvent;
  import java.util.List;

  int countActive=0;
  int countCWK=0;
  int countEMP=0;
  int countVIR=0;
  int countPAR=0;
  int countInactive=0;
  int countInactiveWithActiveApp = 0;
  int countBusinessRoles = 0;
  int countEntitlement = 0;
  int countprocessedEvents=0;
  int countConnectedApp=0;
  int countDisconnectedApp=0;
   int countCompleted = 0;
   int countFailed = 0;
   int countPendingApproval = 0;
   int countPasswordChanges=0;
   int countBirthright = 0;
  
  try{
  
   System.out.println("1");
  QueryOptions qo = new QueryOptions();
  qo.addFilter(Filter.notnull("id"));

  List IdentityList = context.getObjects(Identity.class, qo);

  System.out.println("Total Identity size::" + IdentityList.size());
    
   //get connected and disconnected application   
     System.out.println("1000");
   List appList = context.getObjects(Application.class);
      System.out.println("1size::::::"+appList.size());
     List appNameList = new ArrayList();
    for(Application app: appList){
    
       String type=app.getType();
       if (type == null) {
            System.out.println("Found an application with null type");
         System.out.println("Found an application ::"+app.getName());
            continue; // Skip this iteration
        }

        if (type.equals("DelimitedFile")) {
            countDisconnectedApp++;
        } else {
            countConnectedApp++;
        }
}
  //count number of times password change
      try {
            
            QueryOptions qo = new QueryOptions();
            qo.add(Filter.eq("action", "PasswordChange"));
            List results = context.getObjects(AuditEvent.class, qo);
        System.out.println(">>>>>>>>>>>>"+results);
        countPasswordChanges =results.size();
           // System.out.println("Total password changes: " + results.size());
        } catch (GeneralException e) {
            e.printStackTrace();
        }
    
    
    //count accessRequest ststus

 try {
            // Count completed requests
          
           QueryOptions qo = new QueryOptions();
          Filter successFilter = Filter.eq("completionStatus", "Success");
            qo.addFilter(successFilter);
            countCompleted = context.countObjects(IdentityRequest.class, qo);
          //   System.out.println("countCompleted:::"+countCompleted);
          
           // Count completed requests
           QueryOptions qo1 = new QueryOptions();
           Filter failedFilter = Filter.eq("completionStatus", "Failure");
            qo1.addFilter(failedFilter);
            countFailed = context.countObjects(IdentityRequest.class, qo1);

            // Reset QueryOptions for the next count
           QueryOptions qo2 = new QueryOptions();
           Filter pendingFilter = Filter.eq("completionStatus", "Pending");
            qo.addFilter(pendingFilter);
            countPendingApproval = context.countObjects(IdentityRequest.class, qo2);
          
          
          
          
        } catch (GeneralException e) {
            log.error("Error counting IdentityRequests: " + e.getMessage());
        }



//Total no. of active users/future dated user with missing birth rights.
    
         Set&lt;String> requiredApps = new HashSet();
        requiredApps.add("appliacation1");
        requiredApps.add("appliacation2");
        requiredApps.add("appliacation3");

    
  for (Identity identity : IdentityList) {
    //   System.out.println("Inside for:::::"+identity.getName());
    if(identity.isInactive()==false){
      
      
      List&lt;Link> links = identity.getLinks();
                Set&lt;String> foundApps = new HashSet();

                for (Link link : links) {
                    Application app = link.getApplication();
                    String appName = app.getName();
                    if (!requiredApps.contains(appName)) {
                        foundApps.add(appName);
                    }
                    if (foundApps.size() == requiredApps.size()) {
                        countBirthright++;
                        break;
                    }
                }
   
    
      
      
      
      countActive++;
    }


    // Check if the employeeType attribute is "CWK", with null check
    String employeeType = (String) identity.getAttribute("employeeType");
    if ("CWK".equals(employeeType)) {
      countCWK++;
    }
    
    
    
    // Check if the employeeType attribute is "EMP", with null check
    String employeeType = (String) identity.getAttribute("employeeType");
    if ("EMP".equals(employeeType)) {
      countEMP++;
    }

     // Check if the employeeType attribute is "VIR", with null check
    String employeeType = (String) identity.getAttribute("employeeType");
    if ("VIR".equals(employeeType)) {
      countVIR++;
    }
    
    
    
    // Check if the employeeType attribute is "PAR", with null check
    String employeeType = (String) identity.getAttribute("employeeType");
    if ("PAR".equals(employeeType)) {
      countPAR++;
    }

    
    //Total number of inactive users with active account 
     if(identity.isInactive()==true){
       
     List&lt;Link> links = identity.getLinks();

      for (Link link : links) {
        Application app = link.getApplication();
     //   System.out.println("app:::"+app);
          // status= app.isDisabled();
       //  System.out.println("countInactiveWithActiveApp Identity:'''':"+app.isDisabled());
        // Check if the application is active
       if (app != null &amp;&amp; !app.isDisabled()) {
          countInactiveWithActiveApp++;
          break; // Stop checking further applications for this identity
        }  
      }
       
       
      countInactive++;
    }

  }
   
    //get connected and disconnected application
 
     // String type=appObj.getType();
    
  //  System.out.println("type::::"+type);
    
    
    // count total Business role
     // Create a QueryOptions object to filter roles
   QueryOptions qo = new QueryOptions();
   qo.addFilter(Filter.eq("type", "business"));
    
    List roleList= context.getObjects(Bundle.class,qo);
    countBusinessRoles = roleList.size();
    
    // Count total number of entitlement.
   
     List managedAttribute=context.getObjects(ManagedAttribute.class);
    countEntitlement= managedAttribute.size();
    
    
   

    
    
    System.out.println("countActive Identity::"+countActive);
    System.out.println("countActive- CWK Identity::"+countCWK);  
    System.out.println("countActive- EMP Identity::"+countEMP); 
     System.out.println("countActive- PAR Identity::"+countPAR);  
    System.out.println("countActive- VIR Identity::"+countVIR); 
    System.out.println("countInactive Identity::"+countInactive); 
    System.out.println("countInactiveWithActiveApp Identity::"+countInactiveWithActiveApp); 
    System.out.println("countBusinessRoles ::"+countBusinessRoles); 
    System.out.println("countEntitlement ::"+countEntitlement); 
    System.out.println("countConnectedApp ::"+countConnectedApp); 
    System.out.println("countDisconnectedApp ::"+countDisconnectedApp); 
   // System.out.println("countprocessedEvents ::"+countprocessedEvents); 
     System.out.println("Access Request countCompleted  ::"+countCompleted); 
     System.out.println("Access Request countFailed ::"+countFailed); 
     System.out.println("Access Request countPendingApproval ::"+countPendingApproval); 
    System.out.println("countPasswordChanges ::"+countPasswordChanges); 
    System.out.println("countBirthright count::::::" + countBirthright);
   return null;
    

  
  }catch(Exception e){
    System.out.println("Error Message::::"+e.getMessage());
  
  
  }

 
  




  </Source>
</Rule>
2

First thing I would recommend to do would be to change

  List IdentityList = context.getObjects(Identity.class, qo);

into

Iterator iteratorIdentity = context.search(Identity.class,qo);

it will speed up the process quite much as it won’t load anymore identities into the memory anymore. You have to also change the loop you use to iterate to support iterator but It should help you quite much.

But in general I would say that your solution is quite suboptimal. You have context.countObjects() method which allows you to count objects if you provide proper query options.

3 Likes
3

On top of @kjakubiak

@amanKsingh I suggest you to construct QueryOptions for all your requirements, for example you are pulling all identities and then checking

Instead you could have added inactive filter as well to your Query Options, which will avoid loading inactive Identities and reducing the iterations.

Try to not use loops as much as possible

Why do you need to load entire object, you don’t need it. Just choose the attributes you need in every search query for every object including identity, application, AuditEvent …etc

Thanks
Krish

1 Like
4

Can you please suggest via code query filter to get total count of employee type

5

Is your employeeType attribute searchable ?

6

Yes, it is searchable

7

As I mentioned in my previous post

If employeeType is searchable attribute you can just build correctly query optoins

int countCWK = 0;
QueryOptions qo = new QueryOptions();
Filter f1 = Filter.eq("inactive",false");
Filter f2 = Filter.eq("employeeType","CWK");

qo.add(Filter.and(f1,f2);
countCWK = context.countObjects(Identity.class,qo);

This is the example for employeeType == CWK, you can just replicate it for other types.

1 Like
8

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.