Chat now with support
Chat with Support

One Identity Safeguard for Privileged Passwords 6.7 - Administration Guide

Introduction System requirements and versions Using API and PowerShell tools Using the virtual appliance and web management console Cloud deployment considerations Setting up Safeguard for Privileged Passwords for the first time Using the web client Getting started with the desktop client Using the desktop client Search box Privileged access requests Toolbox Accounts Account Groups Assets Asset Groups Discovery Entitlements Partitions Settings
Access Request settings Appliance settings Asset Management settings Backup and Retention settings Certificates settings Cluster settings Enable or Disable Services settings External Integration settings Messaging settings (desktop client) Password Management settings Safeguard Access settings SSH Key Management settings
Users User Groups Disaster recovery and clusters Administrator permissions Preparing systems for management Troubleshooting Frequently asked questions Appendix A: Safeguard ports Appendix B: SPP 2.7 or later migration guidance Appendix C: SPP and SPS join guidance Appendix D: Regular Expressions SPP Glossary About us

Account Automation

The Account Automation tab on the Dashboard allows Asset Administrators to view information regarding accounts that are failing different types of tasks. This dashboard includes both automated and manual tasks in the failure results. Clicking one of the failure task tiles across the top of the view displays additional information about the accounts belonging to that category.

This dashboard is available to Safeguard for Privileged Passwords users assigned the following administrative permissions:

  • Asset Administrator: Full control for accounts related to all Safeguard for Privileged Passwords assets
  • Auditor: Read-only view
  • Delegated Partition Owner: Control for accounts related to the accounts and assets managed through delegation
Account Automation: Tiles
  • Password Check Failures: Displays a list of accounts where password check tasks failed.
  • Password Change Failures: Displays a list of accounts where password change tasks failed.
  • SSH Key Check Failures: Displays a list of accounts where SSH key check tasks failed.
  • SSH Key Change Failures: Displays a list of accounts where SSH key change tasks failed.
  • SSH Key Discovery Failures: Displays a list of accounts where SSH key discovery tasks failed.
  • Suspend Account Failures: Displays a list of accounts where suspend tasks failed.
  • Restore Account Failures: Displays a list of accounts where restore tasks failed.
Account Automation: Toolbar

Use the toolbar at the top of the details grid to perform the following tasks.

  • Rerun task: Select to rerun the selected task.
  • Export: Select to create a .csv or .json file of the currently displayed account automation grid and save it to a location of your choice. The time is set according to the user time zone. You can convert timestamps another time, if necessary. For more information, see Converting time stamps.
  • Columns: Select to display a list of columns that can be displayed in the grid. Select the check box for data to be included in the grid. Clear the check box for data to be excluded from the grid.

Activity Center

The Activity Center is the place to go to view the details of specific events or user activity. The appliance records all activities performed within One Identity Safeguard for Privileged Passwords. Any administrator has access to the audit log information; however, your administrator permission set determines what audit data you can access. For more information, see Administrator permissions.

Activity Center: Main page toolbar

The toolbar at the top of the main Activity Center page contains these options.

  • Clear: Resets the current search criteria back to the default settings (all activity occurring within the last 24 hours.)
  • Schedule: Allows you to define when the activity audit log report is to be generated and sent via email as well as the format of the report (.csv or .json). For more information, see Scheduling an activity audit log report.
  • Open: Allows you to access previously saved search and scheduled reports.
  • Save: Saves the current search criteria which can be used later to generate the report. For more information, see Saving search criteria.
  • Export: Select to create a .csv or .json file of the criteria displayed and save it to a location of your choice.
  • Run button: Generates an activity audit log report based on the search criteria specified.

In addition, query tiles display the criteria you have applied to search the activity data. By default, only the Activity category and Time frame tiles display. Use the Add button to specify additional query criteria to retrieve the information you are looking for. For more information, see Applying search criteria.

Activity Center: Results page toolbar

Once an activity audit log report is generated, the results page contains the search results grid and these toolbar options.

  • Back: Takes you back to the query page where you can modify the search criteria.
  • Refresh: Closes the details and updates the search results page.

Applying search criteria

Use the query builder in the Activity Center to add and remove data from your activity audit log report to get the information you need.

By default, an activity audit log report includes all activity occurring within the last 24 hours. However, using the query tiles provided you can specify search criteria to retrieve specific information from the activity audit log. The search criteria available includes:

  • I would like to see: Complete the Select an Activity Category dialog to narrow parameters and event details)
  • Occuring within the: Complete the Select a Timeframe dialog by hours, days, or a custom time frame you set.
  • Click to add any of the following additional criteria:
    • Add User then select one user.
    • Add Asset then select one asset.
    • Add Account then select one account.
    • Add Search Value: For sessions, you can search by keyword or value.

To apply search criteria to the audit log

Activity Category and Time frame are required to generate a report. Other search criteria is optional and allows you to narrow the report to the exact parameters provided.

  1. From the Safeguard for Privileged Passwords desktop Home page, select Activity Center.
  2. I would like to see defaults to All Activity. Click the tile to limit the report to a particular type of activity and select the activity category to be included in the report.

  3. Occurring within the defaults to Last 24 Hours. To specify a different time frame, click the tile and select the time frame to be included in the report. If using the Custom option, specify the custom date and time range.

  4. Click the Add button to further filter results. The options to add are based on the selections you made and may include user, asset, or account. When you add filters, additional tiles display such as: involving the asset.
    • If you select Add User, you can specify one user. A tile with the user displays.
    • If you select Add Asset, you can select an asset. A new tile with the asset displays. When an account is specified, the Add Asset option is not available.
    • If you select select Add Account, you can select the account. When an asset is specified, the Add Account option is not available.
  5. To search session activity for a specific keyword or value.

    1. Change the activity category (I would like to see) to Session Specific Activity (or In-Session Activity).
    2. Click the Add button and select Add Search value.
    3. In the Enter a Search Value dialog, enter the keyword or value (e.g., regedit) and click OK.

    An additional tile appears listing the keyword or value specified. If you later change the activity category, the keyword tile will be dimmed indicating it will not be included in the query.

  6. To remove or edit your selections, mouse over a query tile and use any of the following icons.

    • Clear: Resets the value back to the default. Clear is only available for Activity category and Time frame.

    • Delete: Removes search criteria tiles you added.
    • Edit: Displays the corresponding dialog allowing you to modify your selection. You can also click a query tile to edit your selection.

Saving search criteria

You can save the current search criteria defined to be used at a later time to generate an activity audit log report. You can save the current search criteria from the main Activity Center view (query builder page) or from the results view.

To save the current search criteria

  1. From the Safeguard for Privileged Passwords desktop Home page, select Activity Center.
  2. Specify the search criteria to be used to generate the desired report. For more information, see Applying search criteria.
  3. Click Save.
  4. In the Save Search dialog, enter the following information:

    1. Name: Enter a name for the search.
    2. Description: Optionally, enter descriptive text to describe the search.
  5. Click OK.
  6. To run a previously saved search, click Open.

    1. Select a search from the list. (The criteria for the selected search is displayed in the right pane.)

    2. Click Open.

    The query tiles for the selected search appear in the Activity Center page, where you can then select Run to generate the report.

Related Topics

Editing or deleting a saved search or scheduled report

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating