Chat now with support
Chat with Support

Enterprise Single Sign-On 9.0.2 - One Identity Enterprise Access Management Console Administration Guide

Preface Overview Authenticating to EAM Console and Managing Protection Modes Searching the Directory Tree Managing administrators Managing Security Profiles
Managing time slices Managing Password Format Control Policies Managing User Security Profiles Managing Access Point Security Profiles Managing Application Security Profiles Defining Security Profiles Default Values Managing User and Access Point Security Profiles Priorities
Managing directory objects
Managing applications Managing users Managing access points Managing representative objects Managing clusters of access points Selecting a domain controller
Importing/Exporting security profiles and directory objects Managing smart cards Managing SA server devices Managing RFID tokens Managing biometrics Managing Mobile Devices Enabling the public key authentication method Managing Emergency Accesses Managing audit events Managing reports Customizing configuration files Creating scripts Basic syntax of regular expressions Listing audit events and error codes Correspondence between profiles and administration rights Report Models and Parameters List Custom Group Files Format

Generating analysis and statistics reports

Subject

This section describes how to generate predefined reports. These reports are grouped into three categories:

  • Audit reports:
  • Statistics reports:
  • Directory reports:
Before starting

To perform the task described in this section, you must have the following rights:

  • In classic administration mode: Auditor.
  • In advanced administration mode, your role must contain the following right: Audit: Visualization.

NOTE: For more information on administration roles, see Section Managing administrators.

Procedure

  1. In the Reporting panel, select the Analysis and Statistics Reports tab.
  2. In the Report drop-down list, select the predefined report you want to generate.

    NOTE:

    When you select the Excessive failed login attempts and Excessive use of SSPR reports, the Threshold button appears alongside. These reports enable you to display the users who have excessively used the SSPR or the workstations that have an unusual number of failed logins.

    When you click this button, you can define an event threshold and a duration. For example if you define 10 events within 7 days for the excessive use of the SSPR, then the report will display the users who have used the SSPR more than 10 times during the last 7 days.

    If you enter 1 for each threshold, then all the events of these reports will be displayed during the defined period.

  3. If you have a customized an audit filter, you can apply it (Filter field) by clicking the button and searching your customized file.
  4. Select a Time Frame using the from and to drop down lists.
  5. Select a language.
  6. Select the layout of the report (pie chart, stacked bar chart, bar chart or list), and click Generate.

    NOTE: The graphical layouts (pie chart, stacked bar chart and bar chart) are available only for the statistics reports only. The pie chart is also available for the installed software modules report. For the other reports, the list is the only available layout.
    • The predefined report appears.

  7. To export the generated report, see Section Exporting the generated report.

Generating application account reports

Subject

This section explains how to display accounts associated with one or more application(s).

Before starting

To perform the task described in this section, you must have at least the following administration role:

  • In classic administration mode: "Auditor" and you must be the manager of the applications on which you want make a report.
  • In advanced administration mode, your role must contain the following administration rights: "Audit: Visualization" and you must be the manager of the applications on which you want make a report or possess the right "Application: Manage all applications".

NOTE: For more information on administration roles, see Section Managing administrators.
Procedure
  1. In the Reporting panel, select the Application accounts tab.
  2. In the Report values area, use the Add and Remove buttons to select the applications for which you want to see associated accounts.

    Use the Browse tab to browse the directory tree structure or use the Search tab to find the applications by typing their name.

  3. Click OK.
    • The selected applications appear in the field.
  4. In the filter list, select the filter you want to apply to the accounts associated with the selected applications:
    • Display all accounts without access
      For each selected application, the report displays all the user accounts that have been collected for the selected application, but being no longer associated with the application.
    • Display all unregistered accounts
      For each selected application, the report displays all the users allowed to access the application, and who have not yet registered their account for this application (the account is not collected).
    • Display all registered accounts
      For each selected application, the report displays all the users allowed to access the application, and who have registered their account for this application (the account is collected).
    • Display all accounts
      For each selected application, the report displays all the users allowed to access the selected application (unregistered and registered accounts).
  5. Click Generate.
    • The list of accounts filtered for the selected applications appears in the table, as shown in the following example.

  6. To export the generated report, see Section Exporting the generated report.

 

Generating user account reports

Subject

This section explains how to select the users for which you want to display accounts, and filter the results.

Before starting

To perform the task described in this section, you must have at least the following administration role:

  1. In classic administration mode: "Auditor".
  2. In advanced administration mode, your role must contain the following right: "Audit: Visualization".

NOTE: For more information on administration roles, see Section Managing administrators.

Procedure

  1. In the Reporting panel, select the User accounts tab.
  2. In the Report values area, use the Add and Remove buttons to select the users for which you want to see associated accounts.
    Use the Browse tab to browse the directory tree structure or use the Search tab to find the users by typing their name.
  3. Click OK.
    • The selected users appear in the field.
  1. In the filter list, select the filter you want to apply to the accounts associated with the selected users:
    • Display all accounts
      For each selected user, the report displays all the applications to which the user is authorized to access (unregistered and registered accounts).
    • Display all registered accounts
      For each selected user, the report displays only the applications for which the account is collected (for which the user has registered his/her account).
  2. Click Generate.
    • The list of applications filtered for the selected users appears in the table, as shown in the following example.

  3. To export the generated report, see Section Exporting the generated report.

Generating administrators report

Subject

This section explains how to generate the list of administrators and their corresponding administration profile(s).

Before starting

To perform the task described in this section, you must have at least the following administration role:

  • In classic administration mode: "Auditor".
  • In advanced administration mode, your role must contain the following right: "Audit: Visualization".

NOTE: For more information on administration roles, see Section Managing administrators.
Procedure
  1. In the Reporting panel, select the Administrators tab.
  2. Click Generate.
    • The list of administrators who are member of your administered organizations appears in the table, with their corresponding administration profile(s).

  3. To export the generated report, see Section Exporting the generated report.
Related Documents