The following table lists the query items in the Access
Audit(Deprecated)
namespace.
Table 1. List of query items in the Access
Audit(Deprecated)
namespace
Query subject |
Query items and their description |
Access Audit |
- Audit Access Name
- The name of an access on which the audit operation is run.
- Audit Access Service Name
- The name of a service for which the access is defined.
- Audit Action
- An action that is run on the access. The valid values are:
Add .
Modify .
Delete .
AddMember .
RemoveMember .
- Audit Initiator Name
- The name of a user who initiates the audit action. For the audit
actions such as
AddMember and RemoveMember ,
the initiator name represents the name of IBM Verify Identity Governance account.
- Audit Account Name
- The name of an account for which the access is either requested
or deleted. This query item applies to only
AddMember and RemoveMember audit
actions.
- Audit Process Requestee Name
- The name of a user whose account is added to the access. This
query item applies to only
AddMember and RemoveMember audit
actions.
- Audit Process Recertifier Name
- The name of a user who approves the audit action.
- Audit Operation Start Time
- The audit operation start date and time.
- Audit Activity Owner
- IBM Verify Identity Governance account
user name that owns the activity. For example, a user who approves
the request to add an account to the access.
- Audit Activity Name
- The name of the audit activity.
- Audit Activity Start Time
- The audit activity start date and time.
- Audit Activity Completion Time
- The audit activity completion date and time.
- Audit Process Submission Time
- The audit process submission date and time.
- Audit Process Schedule Time
- The date and time at which an event is scheduled for the execution.
- Audit Process Completion Time
- The audit process completion date and time.
- Audit Activity Result Summary
- The result of an activity within a role audit process.
- Audit Comments
- The comments that are entered by the audit workflow approver.
- Audit Process Result Summary
- The result of the access audit process.
|
Access |
- Group Name
- The name of a group for which the access is defined.
- Group Type
- The profile type of a group.
- Group Access Name
- The name of an access that is defined for a group.
- Group Access Type
- The type of an access that is defined for a group.
- Group Supervisor
- The name of a user who is the supervisor of a group.
- Group Dn
- An LDAP distinguished name for a group to which the access is
defined.
- Group Container Dn
- An LDAP distinguished name for the business unit that is associated
with a group.
- Group Owner Dn
- An LDAP distinguished name for a group owner.
- Group Service Dn
- An LDAP distinguished name for the service that is associated
with a group.
- Group Access Defined
- Specifies whether or not access is defined for a group. The possible
values are
True and False .
- Group Access Enabled
- Specifies whether or not access is enabled for a group. The possible
values are
True and False .
- Group Common Access Enabled
- Specifies whether or not common access is enabled for a group.
The possible values are
True and False .
|
Access Owner |
- Access Owner Full Name
- The given name of an account owner.
- Access Owner Last Name
- The surname of an account owner.
- Access Owner Status
- The status of a user. The valid values are
Active and Inactive .
- Access Owner Dn
- An LDAP distinguished name for an account owner.
- Access Owner Business Unit Dn
- An LDAP distinguished name for the business unit to which an account
owner belongs.
- Access Owner Manager Dn
- An LDAP distinguished name for the user supervisor of the account
owner.
|
Access Owner Business Unit |
- Business Unit Name
- The name of a business unit.
- Business Unit Supervisor
- The business unit of a user who is the supervisor.
- Business Unit Dn
- An LDAP distinguished name for the business unit.
- Business Unit Container Dn
- An LDAP distinguished name for the parent business unit.
|
Access Service |
- Service Name
- The name of a service to which the access belongs.
- Service Dn
- An LDAP distinguished name for a service to which the access belongs.
- Service Container Dn
- An LDAP distinguished name for a business unit of a service that
is associated with the access.
- Service Owner Dn
- An LDAP distinguished name for a user owner of the service.
- Service URL
- A URL that connects to the managed resource.
- Service Type
- The service profile type.
|
Access Service Business Unit |
- Business Unit Name
- The name of a business unit.
- Business Unit Supervisor
- A user who is the supervisor of a business unit.
- Business Unit Dn
- An LDAP distinguished name for a business unit.
- Business Unit Container Dn
- An LDAP distinguished name for the parent business unit.
|
Access Members |
- Account Name
- The name of an account that is a member of an access.
- Account Ownership Type
- The type of the account ownership. The valid values are:
Device .
Individual .
System .
Vendor .
- Account Status
- The status of an account. The valid values are
Active and Inactive .
- Account Compliance
- Indicates whether an account is compliant or not. The valid values
are:
Unknown .
Compliant .
Non Compliant .
Disallowed .
- Account Last Access Date
- The last accessed date and time of an account.
- Account Dn
- An LDAP distinguished name for an account.
- Account Service Dn
- An LDAP distinguished name for a service to which the account
belongs.
|
Access Member Owner |
- Person Full Name
- The full name of an account owner.
- Person Last Name
- The surname of an account owner.
- Person Dn
- An LDAP distinguished name for an account owner.
- Person Business Unit Dn
- An LDAP distinguished name for the business unit to which an account
owner belongs.
- Person Supervisor
- A user who is the supervisor of an account owner.
|
Access Member Owner Business Unit |
- Business Unit Name
- The name of a business unit to which the account owner belongs.
- Business Unit Supervisor
- A user who is the supervisor of a business unit.
- Business Unit Dn
- An LDAP distinguished name for a business unit.
- Business Unit Container Dn
- An LDAP distinguished name for the parent business unit of an
organization entity.
|