The table lists the query items in the Access Audit namespace.
Table 1. List of query items in the Access
Audit namespace
| Query subject |
Query items and their description |
| Access Audit |
- Audit Access Name
- The name of an access on which the audit operation is run.
- Audit Action
- An action that is run on the access. The valid values are
Add, Edit,
or Delete.
- Audit Comments
- The comments that are entered by the audit workflow approver.
- Audit Initiator Name
- The name of a user who initiates the audit action. For the audit
actions such as
Add, Edit, or Delete,
the initiator name represents the name of IBM Verify Identity Governance account.
- Audit Account ID
- An account identifier of a user for whom the access is requested.
- Audit Access Requestee Name
- The name of a user whose account is added to the access.
- Audit Access Approver Name
- The name of a user who approves the audit action.
- Audit Access Approver Account ID
- An account identifier of an audit approver.
- Audit Access Business Unit
- The name of an audit access business unit.
- Audit Workflow Process ID
- A unique identifier for a workflow process that is associated
with the access request.
- Audit Operation Start Time
- The audit operation start date and time.
- Access Type Code
- The code for an audit entity type. The possible values are
1, 2,
and 3. 1 represents service, 2 represents
group, and 3 represents role.
- Audit Access Type
- The type of an access. For example,
Application, Role, Email
group, or Shared Folder.
- Audit Access Badge Text 1, Audit Access Badge Text 2, Audit Access
Badge Text 3, Audit Access Badge Text 4, Audit Access Badge Text 5
- The badge text that is defined for an access.
- Audit Access ID
- A unique identifier of an access on which the audit operation
is run.
|
| Access Audit (Continued) |
- Audit Access Request Justification
- The reason for the access request.
- Audit Activity Name
- The name of an audit activity.
- Audit Activity ID
- A unique identifier of an audit activity.
- Audit Activity Start Time
- The audit activity start date and time.
- Audit Activity Due Time
- The date and time when the audit activity is due for an approval.
- Audit Activity Escalation Time
- The escalation date and time of an audit activity.
- Audit Activity Completion Time
- The audit activity completion date and time.
- Audit Access Request Completion Time
- The date and time when an access request is completed.
- Audit Access Request Status
- The status of an access request. The possible values are
Fulfilled, Not
Fulfilled, Submitted, or Pending.
- Audit Activity Approval Status
- An approval status of an audit activity. For example,
Approved, Rejected,
or Pending.
- Audit Activity Approval Action
- The status of an action that is taken on the activity. For example,
Completed or Escalated.
- Audit Action Code
- A code for the audit action. the possible values are
ADD, CHANGE,
or DELETE.
- Access Audit Obligation ID
- A unique obligation identifiers of an access. There can be multiple
obligation identifiers that are separated by a comma.
|
| Access Audit Obligation Attributes |
- Access ID
- A unique identifier of an access on which the audit operation
is run.
- Access Audit Obligation ID
- A unique obligation identifier of an access.
- Access Account Attribute Name
- The attribute name of an account that belongs to the access.
- Access Account Attribute Previous Value
- The previous value of an account attribute that belongs to an
access. If the attribute is edited for the first time, the previous
value is empty or null.
- Access Account Attribute Modified Value
- The modified value of an account attribute that belongs to an
access.
|
| Access |
- Access Dn
- An LDAP distinguished name for an access.
- Access Name
- The name of an access.
- Access Type
- The type of an access. The possible values are
Group, Role,
or Service.
- Access Description
- The description of an access.
- Access Category
- A category of an access. For example,
Application, Role, Email
Group, or Shared Folder.
- Access Icon URL
- A URL that is defined for an access icon.
- Access Additional Information
- An additional information about the access.
- Access Enabled
- Specifies whether access is enabled. The possible values are
True and False.
- Access Common Enabled
- Specifies whether common access is enabled. The possible values
are
True and False.
|
| Access Owner |
- Access Dn
- A distinguished name of an access.
- Access Owner Dn
- A distinguished name for an access owner.
- Access Owner
- The name of an access owner.
- Access Owner Type
- The type of an access owner. For example,
Person or Role.
- Access Owner Status
- The status of an access owner. For example,
Active and Inactive.
- The access owner status is not applicable if an owner type is
a role.
- Access Owner Manager Dn
- A distinguished name for a manager of an access owner.
- Access Owner Business Unit
- The business unit name of an access owner.
- Access Owner Business Unit Dn
- A distinguished name for a business unit of an access owner.
|