Chat now with support
Chat mit Support

One Identity Safeguard for Privileged Passwords 7.4 - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Home page Privileged access requests Appliance Management
Appliance Backup and Retention Certificates Cluster Global Services External Integration Real-Time Reports Safeguard Access Appliance Management Settings
Asset Management
Account Automation Accounts Assets Partitions Discovery Profiles Tags Registered Connectors Custom platforms Importing objects
Security Policy Management
Access Request Activity Account Groups Application to Application Cloud Assistant Asset Groups Entitlements Linked Accounts User Groups Security Policy Settings
User Management Reports Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP and SPS join guidance Appendix C: Regular Expressions

Reports

Reports allows users to view and export reports that show which assets, accounts, users, tags, and partitions a selected user manages. Reports can be exported in .csv or .json format.

In the web client, the Reports section contains the following sub-pages:

  • Activity Center: The Activity Center is the place to go to view the details of specific events or user activity. The appliance records all activities performed within One Identity Safeguard for Privileged Passwords. Any administrator has access to the audit log information; however, your administrator permission set determines what audit data you can access.

  • Entitlements: One Identity Safeguard for Privileged Passwords provides the following types of entitlement reports (for more information, see Entitlement reports):

    NOTE: The number indicated in the tab title shows the number of unique users, assets, or accounts. When you enter search criteria for the report, the number displayed on the tab will adjust accordingly.

    • User: Lists information about the accounts a selected user is authorized to request.
    • Asset: Lists information about the accounts associated with a selected asset and the users who have authorization to request those accounts.
    • Account: Lists detailed information about the users who have authorization to request a selected account including: Entitlement, Policy, Access Type, Password Included, Password Change, Time Restrictions, Expiration Date, Group, From Linked Account, and Last Accessed.
  • Ownership: One Identity Safeguard for Privileged Passwords provides these ownership reports (for more information, see Ownership reports):

    NOTE: The number indicated in the tab title shows the number of unique users, partitions, assets, accounts, or tags. When you enter search criteria for the report, the number displayed on the tab will adjust accordingly.

    • User: Lists information about ownership based on each owner.

    • Partition: Lists information about ownership for a partition.

    • Asset: Lists information about ownership for an asset.

    • Account: Lists information about ownership for an account.

    • Tag: Lists information about owners of assets and accounts assigned to a tag.

Activity Center

The Activity Center is the place to go to view the details of specific events or user activity. The appliance records all activities performed within One Identity Safeguard for Privileged Passwords. Any administrator has access to the audit log information; however, your administrator permission set determines what audit data you can access. For more information, see Administrator permissions.

The Activity Center page contains these options:

  • Select a Saved Search: Allows you to access and manage previously saved search and scheduled reports.
  • Save or Schedule Search: Saves the current search criteria which can be used later to generate the report. For more information, see Saving search criteria and loading previously saved search criteria.
  • Clear Search Criteria: Resets the current search criteria back to the default settings (all activity occurring within the last 24 hours).
  • Activity Category: Use this drop-down to filter the activity being searched for based on category. Selecting All Activity will search all categories.
  • Date Range: Use this drop-down to specify a time frame for the search.

Use the available search fields to specify additional query criteria to retrieve the information you are looking for. For more information, see Applying search criteria.

Activity Center: Results toolbar

Once an activity audit log report is generated, the results section contains the search results grid and these toolbar options:

  • View Details: After selecting a result, click this button to view the details.
  • Request Workflow Details: After selecting a result related to an access request, click this button to open a detail of all actions for that request (for example: approvals, password checkouts, and session logs).
  • Export: Select to create a .csv or .json file of the criteria displayed and save it to a location of your choice.
  • Refresh: Updates the search results page.
  • Search: You can search by a character string or by a selected attribute with conditions you enter. To search by a selected attribute click Search and select an attribute to search. For more information, see Search box.

Applying search criteria

Use the query builder in the Activity Center to add and remove data from your activity audit log report to get the information you need.

By default, an activity audit log report includes all activity occurring within the last 24 hours. However, using the query options provided you can specify search criteria to retrieve specific information from the activity audit log. The available search criteria may include:

  • Activity Category: Use this drop-down to narrow parameters and event details.
  • Date Range: Use this drop-down to narrow results by hours, days, or a custom time frame you set.
  • User Name: Clicking this field opens a dialog where you can select a user for the activity report.
  • Asset Name: Clicking this field opens a dialog where you can select the asset for the activity report.
  • Account Name: Clicking this field opens a dialog where you can select the account for the activity report.

To apply search criteria to the audit log

Activity Category and Time frame are required to generate a report. Other search criteria is optional and allows you to narrow the report to the exact parameters provided.

  1. Navigate to the Activity Center (Reports > Activity Center).
  2. Activity Category defaults to All Activity (Summary Only). Click the drop-down to limit the report to select the activity category to be included in the report.

  3. Date Range defaults to Last 24 Hours. To specify a different time frame, click the drop-down and select the time frame to be included in the report. If using the Custom option, specify the custom date and time range.

  4. Clicking the User Name field opens a dialog where you can select a user for the activity report.
  5. When available, clicking the Asset Name field opens a dialog where you can select the asset for the activity report.
  6. When available, clicking the Account Name field opens a dialog where you can select the account for the activity report.
  7. To remove your selections, use Clear Search Criteria to reset the search back to the default.

Saving search criteria and loading previously saved search criteria

You can save the current search criteria defined to be used at a later time to generate an activity audit log report. You can save the current search criteria from the main Activity Center view (query builder page) or from the results view.

To save the current search criteria

  1. Navigate to the Activity Center (Reports > Activity Center).
  2. Specify the search criteria to be used to generate the desired report. For more information, see Applying search criteria.
  3. Click Save or Schedule Search.
  4. In the Save Scheduled Report dialog, enter the following information:

    1. Name: Enter a name for the search.
    2. Description: Optionally, enter descriptive text to describe the search.
    3. Run Every: By default this is set to Never. Selecting another option from the drop-down will enable additional configuration options. For more information, see Scheduling an activity audit log report
  5. Click OK.
  6. To run a previously saved search, click Select a Saved Search.

    1. Select a search from the list.

    2. Click OK.

    The search criteria for the selected search appears on the Activity Center page.

To load previously saved search criteria

  1. Navigate to the Activity Center (Reports > Activity Center).
  2. Click Select a Saved Search.
  3. Select a search from the list.
  4. Click Load Report.

    The search criteria for the selected search appears on the Activity Center page.

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen