Hi! I would need to see what past aggregation brought to IDN, for example what accounts were read 10 days ago, with their values. This is because I am having some attributes mismatches and need to investigate if it is because they came wrong from source, or were not proccessed on IDN.
Hi Julian, you may be able to leverage the historical identities APIs if the attributes in question are at the identity level. I’m not aware of a way via search or API to do this for account level attributes and aggregations.
Hi Adam, yes I was looking some account historical log without luck.
I just confirmed that the identity history APIs do track changes but only for identity attributes, not each individual account attribute.
https://tenant.api.identitynow.com/beta/historical-identities/IDENTITY_GUID/events
You’d need to reference your SIEM tool if those changes are tracked there for the account attribute changes.
-
Do this call to get all identities:
list-historical-identities | SailPoint Developer Community -
Get the GUID (“id”) for the identity in question
-
Send this call to see all events for the identity: get-historical-identity-events | SailPoint Developer Community
1 Like
Hi Adam, thank you for your suggestion, I just tried now. It is very usefull to track identity attributes changes, I will kept.
As a workaround for traking accounts, and as I am using a web services as an authoritative source, I just developed an after operation rule that logs all records returned by the web service, at every aggregation. So If something is reported I can go to ccg.log and see what the source brought:
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
Iterator resultsIterator = processedResponseObject.iterator();
log.info("Total accounts returned: " + processedResponseObject.size());
if(processedResponseObject.size() == 0)
log.info("No results, raw WS response: " + rawResponseObject);
while(resultsIterator.hasNext()) {
Map map = resultsIterator.next();
Set keys = map.keySet();
Iterator keysIt = keys.iterator();
String result = "";
while(keysIt.hasNext()) {
String key = (String)keysIt.next();
result += "attribute:" + key + "//value:" + (String)map.get(key) + "***";
}
log.info("Account: " + result);
}
1 Like
That’s actually really clever. TBH, beanshell is one of my blindspots in this realm so that’s a good workaround.
1 Like
@jsosa You might be able to see historic aggregations using the Search API. Specifically, you’ll want to check out audit reporting and searching events. I don’t have any specific guidance on how to accomplish historical aggregation data, but you might be able to get that from the links I shared.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.