Chat now with support
Chat with Support

Enterprise Single Sign-On 8.0.6 - Quest ESSO Console Administrator Guide

1. Overview 2 Authenticating to Quest ESSO Console and Managing Protection Modes 3 Searching the Directory Tree 4 Managing Administrators 5 Managing Security Profiles
5.1 Managing Time Slices 5.2 Managing Password Format Control Policies 5.3 Managing User Security Profiles 5.4 Managing Access Point Security Profiles 5.5 Managing Application Security Profiles 5.6 Defining Security Profiles Default Values 5.7 Managing User and Access Point Security Profiles Priorities
6 Managing Directory Objects
6.1 Managing Applications 6.2 Managing Users 6.3 Managing Access Points 6.4 Managing Representative Objects 6.5 Managing Clusters of Access Points 6.6 Selecting a Domain Controller
7 Importing/Exporting Security Profiles and Directory Objects 8 Managing Smart Cards
8.1 Assigning Smart Cards to Users 8.2 Formatting Smart Cards 8.3 Forcing a new PIN 8.4 Disabling Temporarily Smart Cards 8.5 Unlocking Smart Cards 8.6 Sending Smart Cards to a Blacklist 8.7 Extending the Validity of a Smart Card 8.8 Allowing Users to Renew their Smart Card Certificates 8.9 Displaying Smart Card Properties 8.10 Displaying the List of Supported Smart Cards 8.11 Managing Smart Card Configuration Profiles 8.12 Managing Loan Cards 8.13 Managing Smart Cards' Authentication Parameters 8.14 Managing Batches of Smart Cards
9 Managing SA Server Devices 10 Managing RFID Tokens 11 Managing Biometric Enrolment 13 Enabling the Public Key Authentication Method 14 Managing the Emergency Plan 15 Managing Audit Events 16 Managing Reports 17 Customizing Configuration Files 18 Creating Scripts Appendix A: Regular Expressions - Basic Syntax Appendix B: Listing Audit Events and Error Codes Appendix C: Correspondence Between Profile and Administration Rights

15.1 Displaying Audit Events

Contextually, using the Directory panel (Events tab of a selected object), to display only the audit events associated directly or indirectly with the selected object.
For example, let us consider an application object. The Events tab of this object displays any administration action directly associated with this object (as the modification of an option or of the administrator's list for example), but also any event linked to the creation of accounts associated with this application.
By default, Quest ESSO category events are displayed. If you also want to display all Identity & Access Manager audit events, set the following registry key (DWORD) to 1:
FrameWork\Audit\ShowIAMCategories (REG_DWORD)
1.
In the Audit panel, select the time range corresponding to the events you want to display, and click Apply.
3.
The Event detail window appears.
To interpret audit events, see
15.4 Interpreting Audit Events.

15.2 Defining an Audit Population

1.
In the tree structure of the Directory panel, select the group, organization or directory that you want to mark as audit population.
2.
Click the Events tab.
3.
In the Audit Population area:
Select the Mark events with label check box.
Click Set.

15.3 Managing and Applying Audit Filters

15.3.1 Creating an Audit Filter

The Audit panel allows you to build audit filters that you can save and apply on existing event records.
1.
In the Audit panel, click Advanced Filter.
a)
Access point: this category allows you to apply a filter on access points according to their name or their identifier.
b)
Application: this category allows you to apply a filter on applications according to their name or their identifier.
c)
Audit ID: this category allows you to apply a filter on audit identifiers.
d)
Category: this category allows you to choose the family of audit events you want to be displayed in the audit report:
SSO: SSO audit events.
Authentication: Authentication audit events.
System: Access point audit events.
Admin: Administration audit events.
e)
Detailed content: this category allows you to choose the event attributes you want to be displayed.
Example: cache authentication, DN, delegates...
f)
Error Code: this category allows you to filter events according to their error status.
g)
Event Code: this category allows you to defines the audit events that must be included in the audit report.
h)
Extended information: this category allows you to define a regular expression that will be applied to the Extended information field.
This field contains event-specific information.
i)
Population: this category only appears if your audit administration role is not restricted to a set of audit populations (for more details, see "Administration Tab Description" in Section 4.2, "Delegating Administration Roles").
It allows you to filter events according to existing audit populations.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating