Share all details related to your problem, including any error messages you may have received.
Hi community,
In the audit configuration I have activated values, I have carried out tests and I have validated in the spt_audit_event table of the database and/or in Advanced Analytics - Audit, how the different records are observed; However, I cannot find how to audit the identity deletion events that an administrator can perform in IIQ.
Is it possible in some way to audit such events when deleting an identity is performed on the Debug page or with a Prune Identities task?
In IIQ8,3 it is not yet possible to audit events performed in debug. This feature is introduced in 8.4 (Audit changes made through the Debug Object Browser), See 8.4 IdentityIQ Release Notes - Compass
To enable this feature an upgrade to IIQ8.4 is needed or use Debug Audit Plugin (which also allows objects to be restored after being changed or deleted ).
Objects deleted using the Prune Identties task should be audited using the general Actions audit events (Gear-> Audit Configuration → General Actions → Delete)
You are right @kjakubiak . There is no audit event when identity-cubes are deleted via the ‘Prune Identities Cube’-task. I valiaded the same running the task and reviewing the IIQ 8.3 code.
Logging can be enabled (and I know this is not real auditing) to see which cubes are deleted. Adjust the log4j2.properties file and add: