The table lists the query items in the Access Audit
namespace.
Table 1. List of query items in the Access
Audit
namespace
Query subject |
Query items and their description |
Access Audit |
- Audit Access Name
- The name of an access on which the audit operation is run.
- Audit Action
- An action that is run on the access. The valid values are
Add , Edit ,
or Delete .
- Audit Comments
- The comments that are entered by the audit workflow approver.
- Audit Initiator Name
- The name of a user who initiates the audit action. For the audit
actions such as
Add , Edit , or Delete ,
the initiator name represents the name of IBM Verify Identity Governance account.
- Audit Account ID
- An account identifier of a user for whom the access is requested.
- Audit Access Requestee Name
- The name of a user whose account is added to the access.
- Audit Access Approver Name
- The name of a user who approves the audit action.
- Audit Access Approver Account ID
- An account identifier of an audit approver.
- Audit Access Business Unit
- The name of an audit access business unit.
- Audit Workflow Process ID
- A unique identifier for a workflow process that is associated
with the access request.
- Audit Operation Start Time
- The audit operation start date and time.
- Access Type Code
- The code for an audit entity type. The possible values are
1 , 2 ,
and 3 . 1 represents service, 2 represents
group, and 3 represents role.
- Audit Access Type
- The type of an access. For example,
Application , Role , Email
group , or Shared Folder .
- Audit Access Badge Text 1, Audit Access Badge Text 2, Audit Access
Badge Text 3, Audit Access Badge Text 4, Audit Access Badge Text 5
- The badge text that is defined for an access.
- Audit Access ID
- A unique identifier of an access on which the audit operation
is run.
|
Access Audit (Continued) |
- Audit Access Request Justification
- The reason for the access request.
- Audit Activity Name
- The name of an audit activity.
- Audit Activity ID
- A unique identifier of an audit activity.
- Audit Activity Start Time
- The audit activity start date and time.
- Audit Activity Due Time
- The date and time when the audit activity is due for an approval.
- Audit Activity Escalation Time
- The escalation date and time of an audit activity.
- Audit Activity Completion Time
- The audit activity completion date and time.
- Audit Access Request Completion Time
- The date and time when an access request is completed.
- Audit Access Request Status
- The status of an access request. The possible values are
Fulfilled , Not
Fulfilled , Submitted , or Pending .
- Audit Activity Approval Status
- An approval status of an audit activity. For example,
Approved , Rejected ,
or Pending .
- Audit Activity Approval Action
- The status of an action that is taken on the activity. For example,
Completed or Escalated .
- Audit Action Code
- A code for the audit action. the possible values are
ADD , CHANGE ,
or DELETE .
- Access Audit Obligation ID
- A unique obligation identifiers of an access. There can be multiple
obligation identifiers that are separated by a comma.
|
Access Audit Obligation Attributes |
- Access ID
- A unique identifier of an access on which the audit operation
is run.
- Access Audit Obligation ID
- A unique obligation identifier of an access.
- Access Account Attribute Name
- The attribute name of an account that belongs to the access.
- Access Account Attribute Previous Value
- The previous value of an account attribute that belongs to an
access. If the attribute is edited for the first time, the previous
value is empty or null.
- Access Account Attribute Modified Value
- The modified value of an account attribute that belongs to an
access.
|
Access |
- Access Dn
- An LDAP distinguished name for an access.
- Access Name
- The name of an access.
- Access Type
- The type of an access. The possible values are
Group , Role ,
or Service .
- Access Description
- The description of an access.
- Access Category
- A category of an access. For example,
Application , Role , Email
Group , or Shared Folder .
- Access Icon URL
- A URL that is defined for an access icon.
- Access Additional Information
- An additional information about the access.
- Access Enabled
- Specifies whether access is enabled. The possible values are
True and False .
- Access Common Enabled
- Specifies whether common access is enabled. The possible values
are
True and False .
|
Access Owner |
- Access Dn
- A distinguished name of an access.
- Access Owner Dn
- A distinguished name for an access owner.
- Access Owner
- The name of an access owner.
- Access Owner Type
- The type of an access owner. For example,
Person or Role .
- Access Owner Status
- The status of an access owner. For example,
Active and Inactive .
- The access owner status is not applicable if an owner type is
a role.
- Access Owner Manager Dn
- A distinguished name for a manager of an access owner.
- Access Owner Business Unit
- The business unit name of an access owner.
- Access Owner Business Unit Dn
- A distinguished name for a business unit of an access owner.
|