Failed NativeIdentityChangeEvent report

Which IIQ version are you inquiring about?

Version 8.3

Share all details related to your problem, including any error messages you may have received.

Hello guys!
I was wondering: has any of you developed some sort of report that shows all failed NativeIdentityChangeEvents? It’s a new feature and it doesn’t come with logging (at least on my version 8.3), and since we allow group renaming, a report like that would be really beneficial. Before I start looking into creating a report myself (never done it myself yet), I wanted to ask here first.
Thanks in advance!

Hello @ADLOR ,

Let me know if I am understanding your use case correctly: you want to create a report which displays all the failed native change events (the change is denied in IIQ after aggregation). Is that correct?

If yes, this information is stored in the database table Spt_audit_event and the action is identityLifecycleEvent.

@ADLOR
What are the filter parameters you are looking for in this report? You can develop this just like any other custom report on the object type NativeIdentityChangeEvent.
This object will have the associated application, link or managedAttribute object, the old and new native identity, and completion details.

I created a quick sample Task Definition and form you can use.

Please customize the fields based on your requirements.

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE TaskDefinition PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<TaskDefinition executor="sailpoint.reporting.LiveReportExecutor" name="IIQ Native Identity Change Event Report" progressMode="Percentage" resultAction="Rename" subType="IIQ Monitoring Reports" template="true" type="LiveReport">
  <Attributes>
    <Map>
      <entry key="report">
        <value>
          <LiveReport title="IIQ Native Identity Change Event Report">
            <DataSource objectType="NativeIdentityChangeEvent" type="Filter">
              <QueryParameters>
                <Parameter argument="status" property="status"/>
                <Parameter argument="type" property="type"/>
                <Parameter argument="applicationName">
                  <QueryScript>
                    <Source>
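                      import java.util.ArrayList;
                      import java.util.List;
                      import sailpoint.object.Application;
                      import sailpoint.object.Filter;
                      import sailpoint.object.QueryOptions;

                      // applicationName is declared multi="true", so value may be a List or a single String
                      List names = new ArrayList();
                      if (value instanceof List) {
                        names.addAll((List) value);
                      } else if (value != null) {
                        names.add(value.toString());
                      }

                      // Resolve each selected name to its application id, skipping names that do not resolve
                      List appIds = new ArrayList();
                      for (Object name : names) {
                        Application app = context.getObjectByName(Application.class, name.toString());
                        if (app != null) {
                          appIds.add(app.getId());
                        }
                      }

                      if (!appIds.isEmpty()) {
                        // Restrict the report to events of the selected applications
                        queryOptions.addFilter(Filter.in("applicationId", appIds));
                      } else {
                        // No application selected (or none resolved): match every event
                        queryOptions.addFilter(Filter.notnull("id"));
                      }
                      return queryOptions;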
                    </Source>
                  </QueryScript>
                </Parameter>
              </QueryParameters>
            </DataSource>
            <ReportForm>
              <Reference class="sailpoint.object.Form" name="IIQ Native Identity Change Event Report Form"/>
            </ReportForm>
            <Columns>
              <ReportColumnConfig field="OldNativeIdentity" header="Old Native Identity ID" property="oldNativeIdentity" sortable="true" width="110"/>
              <ReportColumnConfig field="newNativeIdentity" header="New Native Identity ID" property="newNativeIdentity" sortable="true" width="110"/>
              <ReportColumnConfig field="Status" header="Event Status" property="status" sortable="true" width="110"/>
              <ReportColumnConfig field="type" header="Object Type" property="type" sortable="true" width="110"/>
              <ReportColumnConfig field="identityDetails" header="Identity Details" property="identityId" sortable="true" width="110">
                <RenderScript>
                  <Source>
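                    import sailpoint.object.Identity;

                    // value is the identityId stored on the event; render the identity name instead
                    if (value != null) {
                      Identity idenObj = context.getObjectById(Identity.class, value);
                      if (idenObj != null) {
                        return idenObj.getName();
                      }
                    }
                    return null;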
                  </Source>
                </RenderScript>
              </ReportColumnConfig>
            </Columns>
          </LiveReport>
        </value>
      </entry>
    </Map>
  </Attributes>
  <Description>Displays Native Identity Change Event Results</Description>
  <Signature>
    <Inputs>
      <Argument multi="true" name="applicationName" type="String">
        <Description>Application Name</Description>
      </Argument>
      <Argument multi="true" name="status" type="String">
        <Description>Status</Description>
      </Argument>
      <Argument multi="true" name="type" type="String">
        <Description>Object Type</Description>
      </Argument>
    </Inputs>
  </Signature>
</TaskDefinition>

Form

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE Form PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<Form hidden="true" name="IIQ Native Identity Change Event Report Form" type="Report">
  <Section columns="2" label="IIQ Native Identity Change Event Report" name="customProperties">
    <Field displayName="Object Type" helpKey="Object Type" multi="true" name="type" type="String" value="ref:type">
      <AllowedValuesDefinition>
        <Script>
          <Source>
            // Selectable object types; no trailing whitespace, since the value is used as the filter value
            String[] status = {
            "Account",
            "Group",
            };

            List values = new ArrayList();
            for (String statusPresent : status) {
            List value = new ArrayList();
            value.add(statusPresent);
            value.add(statusPresent);

            values.add(value);
            }

            return values;
          </Source>
        </Script>
      </AllowedValuesDefinition>
    </Field>
    <Field displayName="Event Status" helpKey="Status of Native Identity Change Event" multi="true" name="status" type="String" value="ref:status">
      <AllowedValuesDefinition>
        <Script>
          <Source>
            // Selectable event statuses; no trailing whitespace, since the value is used as the filter value
            String[] status = {
            "Completed",
            "Failed",
            "Pending",
            "Processing",
            "Waiting",
            };

            List values = new ArrayList();
            for (String statusPresent : status) {
            List value = new ArrayList();
            value.add(statusPresent);
            value.add(statusPresent);

            values.add(value);
            }

            return values;
          </Source>
        </Script>
      </AllowedValuesDefinition>
    </Field>
    <Field displayName="Application Name" helpKey="Application Name" multi="true" name="applicationName" type="string" value="ref:applicationName">
      <AllowedValuesDefinition>
        <Script>
          <Source>
            import sailpoint.object.QueryOptions;
            import sailpoint.object.Filter;
            import sailpoint.object.Application;
            import java.util.HashSet;
            import java.util.Iterator;
            import java.util.Set;
            // Collect the names of all applications as the selectable values
            Set set = new HashSet();
            QueryOptions queryOptions = new QueryOptions();
            queryOptions.addFilter(Filter.notnull("name"));
            Iterator iterator = context.search(Application.class, queryOptions);
            while (iterator != null &amp;&amp; iterator.hasNext()) {
              Application appObject = (Application) iterator.next();
              set.add(appObject.getName());
            }
            return set;
          </Source>
        </Script>
      </AllowedValuesDefinition>
    </Field>
  </Section>
</Form>
2 Likes

Hello Balaji,
Sorry if I wasn’t clear enough. Yes, after the group aggregation, there are Native Identity Change Propagation tasks which are failing. I can then find these in the debug under the object NativeIdentityChangeEvent. I sort on Status “failed” and there are a lot. I need a report with the columns ID, UUID, Old Native Identity and New Native Identity, so I can easily see what action needs to be performed.
Does this make any more sense?
A debug screenshot:

Hi Satish!
I will give it a try and let you know - thank you so much for your time!
