Report administration
IBM Verify Identity Governance provides reports for system activity, resources such as accounts that users own, and historical data.
Overview
A report is a summary of IBM Verify Identity Governance activities and resources. You can generate reports based on requests, user and accounts, services, or audit and security. You can also design custom reports with the report designer.
Report data is staged through a data synchronization process. The process gathers data from the IBM Verify Identity Governance directory information store and prepares it for the reporting engine. Data synchronization can be run on demand, or it can be scheduled to occur regularly.
The generated reports are based on the most recent data synchronization, not on current data. Activities that occur after the last data synchronization was done are captured by the next data synchronization. Data in the reports is obtained from the IBM Verify Identity Governance database and the directory server.
Access control is available for report management. There are default ACIs for the Manager, Service Owner, and Auditor groups. For example, service owners and managers can search for all persons that they can access. Managers can see direct reports, and service owners can see people on services controlled by ACIs. Auditors can run all reports and see all data. No report access is available for users or members of the Help Desk group.
To generate a report, you must synchronize data at least one time. The report data is based on the most recent data synchronization and is only as accurate as the report data from that synchronization.
Reports are displayed in a separate window; therefore, you must disable pop-up blocking in your browser in order for the reports to be displayed. When you generate a report, be sure to close the report window in your browser before you generate another report. If you do not close the open report window before generating another report, a message displays, instructing you to close the window. Or, the same report might be displayed if it was cached by the browser.
Report formats
You can generate reports as a PDF file or as a comma-separated value (CSV) file. By default, reports are generated in PDF format and can be viewed and printed with the Adobe Acrobat Reader. In some cases, PDF formatting produces an additional blank page at the end of the report, which does not indicate that data is missing. You might select a CSV file for the report output. The report is displayed with the application that is mapped to CSV files (for example, Microsoft Excel). If no application is associated with the CSV file type, you are prompted to open or save the file when the report is created.
A PDF report, by default,
can contain up to 5000 records. You can change this value with the enrole.ui.report.maxRecordsInReport
property
in the UI.properties file. You do not have to
restart the server for the changes to take effect. Changes can occur
between 30 seconds and 10 minutes. You can increase this value to
obtain larger amounts of data in your reports. However, it is possible
that you might encounter an OutOfMemoryError error
by doing so. If this error occurs, increase the application server
heap size in the WebSphere® Application Server and
restart IBM Verify Identity Governance.
- Report accessibility
- The Identity Manager reports are accessible in the PDF format.