8.3 p4
Hi everyone,
I want to prune some custom identity events from the identities because we are no longer using the events we previously created. These events were used to send notifications about birthright roles with their details. Since this functionality is no longer required, can anyone help with cleaning up these events?
Thanks
Hi @hs25102025
As a first step, you can disable these events. Once you are confident, you can delete the respective ‘Identity Trigger’ event definition from the debug page.
Please find below Data Pruning best practices:
Hi @pattabhi thanks for your response. This information is very helpful to me. However, the main issue is that I can still see the background workflow cases, and all pending work items seem to have been pruned. Yet, some user events are still showing as if they’ve looped around 1000 times due to a rule failure. I can’t share them due to our policies, but I’d be very happy if you could suggest any other way to remove them.
Did you try writing a rule to delete those events?? can you create a run rule and delete all these events/workflow cases??
Hello @hs25102025 as @pattabhi mentioned, that should be enough for pruning the events. However, since you’re still seeing them, you can try the code below once. Before that, let me explain, all the identity events can be found in the table spt_audit_event(By following this doc Find identity event.) In this table, you can see details such as the action, target identity, and whether the event was processed for the user. You can retrieve these attributes and values and remove the corresponding entries from the table if needed.
Example Code:
import sailpoint.object.AuditEvent;
import sailpoint.object.QueryOptions;
import sailpoint.object.Filter;
QueryOptions qo = new QueryOptions();
qo.add(Filter.eq("action", "identityLifecycleEvent"));
qo.add(Filter.like("target", "Your-Identity"));
qo.add(Filter.like("string3", "Rapid Setup Leaver processed a lifecycle event"));
Iterator it = context.search(AuditEvent.class, qo);
while (it.hasNext()) {
AuditEvent event = (AuditEvent)it.next();
log.error("Deleting AuditEvent => ID: "+event.getId()+
", Target: " + event.getTarget()+
", Action: " + event.getAction()+
", String3: " + event.getString3());
context.removeObject(event);
}
First, try it for a single identity, and then update the string3 value based on your identity event.
If that works, you can modify it to apply to all users who are part of the event. Make sure you are not removing standard ones.
Thanks,
Raju 
I recommend exporting those events before deleting them. As others have mentioned, you’ll need to create a custom rule since there’s no out-of-the-box functionality to prune them. In addition to deleting the events, ensure that the corresponding audit actions are also deleted or disabled.
Yes, first print the objects (comment out context.removeObject(event);). If the objects look good, then proceed to remove them.
Thanks Santhi Raju I tried the code got some errors at first but now it is working and giving results. Thanks everyone for your help.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.