Time Stamp filter

I am working on the schedular in iiq for generating report. I want build a code to get the users who got assigned to the entitlements with the 6 hours while the refresh of this rule is done everyday.

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE Rule PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<Rule created="1726467520558" id="0ad8290f91ef11908191f97bb82e664a" language="beanshell" modified="1726730556286" name="BBY-idenFilter12">
  <Source>
      
        import sailpoint.object.*;
        import sailpoint.object.Filter;
        import java.util.Calendar;
        import java.util.Date;
        import java.text.SimpleDateFormat;

        SimpleDateFormat sdf = new SimpleDateFormat("MM/dd/yyyy");
        Date today = new Date();
        Calendar cal = Calendar.getInstance();
        cal.add(Calendar.HOUR, -4);
        Date fourHourBack = cal.getTime();

       // Fetch the epoch time stamp from the filtering entitlement value
        String entitlementValue = "CN=BBY-U-US-SLM-Standard-Request,OU=Groups,OU=Best Buy,OU=Users and Groups,DC=naqa,DC=bestbuyqa,DC=com"; // Replace with your entitlement value
        long epochTime = getEpochTimeFromEntitlementValue(entitlementValue);
        Date epochDate = new Date(epochTime);

        QueryOptions qo = new QueryOptions();
        qo.addFilter(Filter.ge("created", fourHourBack));
        qo.addFilter(Filter.eq("value", entitlementValue));
        List idenEntList = context.getObjects(IdentityEntitlement.class, qo);
        return idenEntList;
      
    </Source>
</Rule>

here a sample code to make the changes of the time stamp to filter out the users and entitlement. Can anyone please help me with the filter of the application and entitlement and check the users updated to the entitlement and generate report.

Hi :slight_smile:

  1. In your code there is an issue with the hours value ( instead of 6 you have set 4):

Calendar cal = Calendar.getInstance();
cal.add(Calendar.HOUR, -6);
Date sixHoursAgo = cal.getTime();

  1. Define the entitlement value and application name

String entitlementValue = ā€œCN=BBY-U-US-SLM-Standard-Request,OU=Groups,OU=Best Buy,OU=Users and Groups,DC=naqa,DC=bestbuyqa,DC=comā€;
String applicationName = ā€œYourApplicationNameā€;

  1. Fetch the Application object

Application app = context.getObjectByName(Application.class, applicationName);

if (app == null) {
throw new GeneralException(ā€œApplication 'ā€ + applicationName + ā€œā€™ not found.ā€);
}

  1. Create QueryOptions with the necessary filters

QueryOptions qo = new QueryOptions();
qo.addFilter(Filter.ge(ā€œcreatedā€, sixHoursAgo));
qo.addFilter(Filter.eq(ā€œvalueā€, entitlementValue));
qo.addFilter(Filter.eq(ā€œapplicationā€, app));

  1. Fetch the list of IdentityEntitlement objects

List idenEntList = context.getObjects(IdentityEntitlement.class, qo);

  1. Read the identities:

for (IdentityEntitlement ie : idenEntList) {
Identity identity = ie.getIdentity();
if (identity != null) {
identities.add(identity);
}
}

2 Likes

Hi @abartkowski ,

I am facing a similar issue while trying to fetch a list of identities whose lastRefresh date is less than the start date of an account aggregation task. I do not see any errors but the filter returns a lot of identities that do not fit the criteria. Below is the piece of code i am using, can you please let me know what my mistake is?
Also, it does not matter if I use ā€˜gtā€™ or ā€˜ltā€™, the names1 variable has 7900+ identities or 7500+ identities respectively. I have cross-checked a lot of these and they are incorrectly added.
For example, the aggregation task started on Sep 20th, 2024 and when I use ā€˜ltā€™ in the filter, I see IDs with refreshDate Oct 2nd, 2024. Similarly, when I use ā€˜gtā€™, I see IDs with refreshDate as far back as Jul 18th, 2024.

Thanks in Advance,
Manoj


//  log.debug("Agg started date is : "+aggTaskStartDate);
Filter filter=Filter.gt("lastRefresh",aggTaskStartDate);
qo.addFilter(filter);
  
List ids = context.getObjects(Identity.class,qo);
if(ids!=null){
   for(Identity id : ids){
      if(id.getName()!=null){
         names1.put(id.getName(),id.getLastRefresh());
      } else {
         names1.put(" "," ");
      }
   }
  names1.put("AggtaskStartDate",aggTaskStartDate);
  return names1;
} else {
return names1;

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.