• |
Globally, using the Audit panel, to display the whole Quest ESSO audit events. |
• |
Contextually, using the Directory panel (Events tab of a selected object), to display only the audit events associated directly or indirectly with the selected object. |
• |
• |
By default, Quest ESSO category events are displayed. If you also want to display all Identity & Access Manager audit events, set the following registry key (DWORD) to 1: FrameWork\Audit\ShowIAMCategories (REG_DWORD) |
1. |
In the Audit panel, select the time range corresponding to the events you want to display, and click Apply. |
2. |
If your auditor role is restricted to one or more audit populations, select the wanted population in the drop-down list, or select the Select all populations check box. |
3. |
• |
1. |
In the tree structure of the Directory panel, select the group, organization or directory that you want to mark as audit population. |
2. |
3. |
• |
• |
Click Set. |
1. |
a) |
Access point: this category allows you to apply a filter on access points according to their name or their identifier. |
b) |
Application: this category allows you to apply a filter on applications according to their name or their identifier. |
c) |
Audit ID: this category allows you to apply a filter on audit identifiers. |
d) |
Category: this category allows you to choose the family of audit events you want to be displayed in the audit report: |
• |
SSO: SSO audit events. |
• |
Authentication: Authentication audit events. |
• |
System: Access point audit events. |
• |
Admin: Administration audit events. |
e) |
Detailed content: this category allows you to choose the event attributes you want to be displayed. Example: cache authentication, DN, delegates... |
f) |
g) |
Event Code: this category allows you to defines the audit events that must be included in the audit report. |
h) |
Extended information: this category allows you to define a regular expression that will be applied to the Extended information field. This field contains event-specific information. |
i) |
Population: this category only appears if your audit administration role is not restricted to a set of audit populations (for more details, see "Administration Tab Description" in Section 4.2, "Delegating Administration Roles"). It allows you to filter events according to existing audit populations. |
2. |
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy