Audit Component Groups
A list of auditing component groups that can be enabled or disabled individually to simplify the list of event types that appear in the audit log. The groups correspond to one or more actual advanced access control and or federation audit event types.
- Table 1 lists the name and description of the management audit component groups.
- Table 2 lists the name and description of the runtime audit component groups.
| Group | Description |
|---|---|
| Access Policies | Used to audit the various management operations that can be performed on access policies. |
| Access Control Policies | Used to audit the various management operations that can be performed on access control policies. |
| Advanced Configuration | Used to audit the various management operations that can be performed on the advanced configuration items. |
| Alias Service | Used to audit the various management operations that can be performed on either the alias service or alias settings. |
| API Protection | Used to audit the various management operations that can be performed on the API protection definitions, clients, and grants. |
| Application | Used to audit the various management operations that can be performed on applications. |
| Application Client | Used to audit the various management operations that can be performed on application clients. |
| Attribute | Used to audit the various management operations that can be performed on attributes. |
| Attribute Matcher | Used to audit the various management operations that can be performed on attribute matchers. |
| Auditing | Used to audit the various management operations that can be performed on auditing. That is, enable or disable auditing, or update audit settings. |
| Authentication Mechanism | Used to audit the various management operations that can be performed on authentication mechanisms. |
| Authentication Policy | Used to audit the various management operations that can be performed on authentication policies. |
| Authentication Rules | Used to audit the various management operations that can be performed on authentication rules. |
| Database Maintenance | Used to audit the various management operations that can be performed for the maintenance of the runtime database. |
| Device Configuration | Used to audit the various management operations that can be performed on advanced access control devices. |
| Extensions | Used to audit the various management operations that can be performed on IBM® Verify Identity Access extensions. |
| Federation | Used to audit the various management operations that can be performed on federations. |
| FIDO2 | Used to audit the various management operations that can be performed on FIDO2 configurations. |
| Geolocation | Used to audit the various management operations that can be performed on the geolocation database. |
| IBM Verify | Used to audit the various management operations that can be performed on the configuration of scenarios for IBM Verify. |
| Identity Sources | Used to audit the various management operations that can be performed on identity source types and instances. |
| Knowledge Questions | Used to audit the various management operations that can be performed on knowledge questions. |
| Logging | Used to audit the various management operations that can be performed on logging. That is, enable or disable logging, or updating the logging specification. |
| Mapping Rules | Used to audit the various management operations that can be performed on JavaScript mapping rules. |
| Mobile Multi-factor Authentication | Used to audit the various management operations that can be performed on mobile multi-factor authentication. That is, configuration or transaction management. |
| Obligation | Used to audit the various management operations that can be performed on obligations. |
| OpenID Connect | Used to audit the various management operations that can be performed on OpenID Connect. |
| Partner | Used to audit the various management operations that can be performed on federation partners. |
| Policy Information Points | Used to audit the various management operations that can be performed on policy information points. |
| Point of Contact Profile | Used to audit the various management operations that can be performed on point of contact profiles. |
| Policy Attachment | Used to audit the various management operations that can be performed on the attachment of an access policy to a resource. |
| Policy Set | Used to audit the various management operations that can be performed on policy sets. |
| Push Notification | Used to audit the various management operations that can be performed on push notification services. |
| Risk Profile | Used to audit the various management operations that can be performed on risk profiles. |
| Runtime Configuration | Used to audit the various management operations that can be performed on the runtime server configuration. This includes deploy, undeploy, reload, response file, configure, and unconfigure events. |
| Runtime Policy | Used to audit the various management operations that can be performed on runtime policy. |
| SAML2.0 | Used to audit the various management operations that can be performed on SAML 2.0 objects. That is, SAML 2.0 federation and partner management. |
| Session | Used to audit the various management operations that can be performed on attribute collection sessions. |
| STS Chain | Used to audit the various management operations that can be performed on STS chains. |
| Tenant Auto Consent | Used to audit the various management operations that can be performed on tenant auto consent. |
| Test Connection | Used to audit the various management operations that can be performed on the testing of an LDAP, database, or Redis connection. |
| User Selfcare | Used to audit the various management operations that can be performed on the user selfcare configuration. |
| User Information | Used to audit the various management operations that can be performed on a users stored attributes. |
| Group | Description |
|---|---|
| Account Locked | Used to audit the runtime lookup and modification of the account-locked status for a user. |
| Auditing | Used to audit the runtime operation of the auditing framework. |
| Authentication Mechanism | Used to audit the runtime operation of the authentication mechanisms. |
| Data Encryption | Used to audit the runtime operation of the federation data encryption operations. |
| Device Runtime | Used to audit the registration and deletion of various devices. |
| FIDO2 | Used to audit the FIDO2 runtime operations. |
| Federation | Used to audit the federation runtime operations. |
| IBM Verify | Used to audit the runtime operations relating to the scenarios for IBM Verify. |
| Mobile Multi-factor Authentication | Used to audit the mobile multi-factor authentication runtime operations. |
| Management Session | Used to audit the federation session management runtime operations. |
| Mapping Rules | Used to audit the JavaScript mapping rules runtime operations. |
| Message Signing | Used to audit the runtime operation of the federation data message signing operations. |
| OAuth20 | Used to audit the OAuth and OAuth20 runtime operations. |
| One Time Passwords | Used to audit the OTP runtime operations. |
| Risk Score | Used to audit the calculation of a risk score during a runtime operation. |
| Runtime Security Services | Used to audit the runtime security services component usage during a runtime operation. |
| SAML2.0 | Used to audit the SAML 2.0 federation runtime operation. That is, SAML 2.0 federation and partner usage. |
| SCIM | Used to audit the SCIM runtime methods. |
| Trust Service | Used to audit the federation trust service runtime operation. |
| User Selfcare | Used to audit the user selfcare runtime operation. |
| User Authentication | Used to audit the user authentication and logoff runtime operations. |
| Group | Description |
|---|---|
| Activated Modules | Used to audit the management of the activated modules LMI component. |
| Application Locale | Used to audit the management of the application locale LMI component. |
| Networking Configuration | Used to audit the management of the networking LMI component. |
| CLI REST Wrapper | Used to audit the management of the CLI LMI component. |
| Cluster configuration | Used to audit the management of the clustering LMI component. |
| Config Files | Used to audit the management of the configuration files LMI components. |
| Container Extensions | Used to audit the management of the container extensions LMI component. |
| File Management | Used to audit the management of the file management LMI component. |
| Front end load balancer | Used to audit the management of the front end load balancer LMI component. |
| Hosts file | Used to audit the management of the hosts file LMI component. |
| Reverse Proxy Junction Management | Used to audit the management of the junction management LMI component. |
| Management Authentication | Used to audit the management of the management authentication LMI component. |
| Management SSL | Used to audit the management of the management SSL LMI component. |
| Packet Tracing | Used to audit the management of the packet tracing LMI component. |
| SSL Certificates | Used to audit the management of the SSL certificates LMI component. |
| WGA Templates | Used to audit the management of the WGA templates LMI component. |
| Tenants | Used to audit the management of the tenants LMI component. |
| Tracing | Used to audit the management of the tracing LMI component. |
| Utilities | Used to audit the management of the utilities LMI component. |
| Web Portal Manager | Used to audit the management of the WPM LMI component. |
| User Registry | Used to audit the management of the user registry LMI component. |
| Server Connections | Used to audit the management of the server connections LMI component. |
| SCIM | Used to audit the management of the SCIM LMI component. |
| Runtime Tuning | Used to audit the management of the runtime tuning LMI component. |
| Runtime Profile | Used to audit the management of the runtime profile LMI component. |
| Password Vault | Used to audit the management of the password vault LMI component. |
| Partner | Used to audit the management of the partner LMI component. |
| H2 Snapshot | Used to audit the management of the H2 snapshot LMI component. |
| Connectors | Used to audit the management of the connectors LMI component. |
| Advanced Configuration | Used to audit the management of the advanced configuration LMI component. |
| Management Authorization | Used to audit the management of the management authorization LMI component. |
| Silent Configuration | Used to audit the management of the silent configuration LMI component. |
| SNMP Monitoring | Used to audit the management of the SNMP monitoring LMI component. |
| Account Management | Used to audit the management of the account management LMI component. |
| System Alerts | Used to audit the management of the system alerts LMI component. |
| pdadmin REST Wrapper | Used to audit the management of the pdadmin wrapper LMI component. |
| System | Used to audit the management of the system LMI component. |
| IBM Verify SaaS Wizards | Used to audit the management of the SaaS wizards LMI component. |
| Administrator Settings | Used to audit the management of the administrator settings LMI component. |
| Monitor Graphs | Used to audit the management of the monitor LMI component. |
| Firmware Updates | Used to audit the management of the firmware updates LMI component. |
| Advanced Tuning Parameters | Used to audit the management of the advanced tuning LMI component. |
| Event Log | Used to audit the management of the event log LMI component. |
| Extensions | Used to audit the management of the extensions LMI component. |
| FIPS Configuration | Used to audit the management of the FIPS LMI component. |
| Firmware Settings | Used to audit the management of the firmware settings LMI component. |
| Fixpacks | Used to audit the management of the fixpacks LMI component. |
| Web Configuration | Used to audit the management of the web configuration LMI component. |
| Authorization Server Configuration | Used to audit the management of the authorisation server LMI component. |
| Embedded LDAP Configuration | Used to audit the management of the embedded LDAP LMI component. |
| Federated Directory | Used to audit the management of the federated directory LMI component. |
| Runtime Cluster | Used to audit the management of the runtime cluster LMI component. |
| Reverse Proxy Configuration | Used to audit the management of the reverse proxy LMI component. |
| RSA SecurID Configuration | Used to audit the management of the RSA SecurID LMI component. |
| Web SSO Keys | Used to audit the management of the SSO keys LMI component. |
| Web Client Certificate Authentication Mapping Configuration | Used to audit the management of the client certificate authentication mapping LMI component. |
| Web URL Mapping Configuration | Used to audit the management of the URL mapping LMI component. |
| Web Forms Based Single Sign-on Configuration | Used to audit the management of the forms based SSO LMI component. |
| Web HTTP Transformation Configuration | Used to audit the management of the HTTP transformation LMI component. |
| Web Junction Mapping Configuration | Used to audit the management of the junction mapping LMI component. |
| Web Kerberos Keytab Configuration | Used to audit the management of the Kerberos keytab LMI component. |
| Web LTPA Keys | Used to audit the management of the LTPA keys LMI component. |
| Web Password Strength Configuration | Used to audit the management of the password strength LMI component. |
| Query Site Contents | Used to audit the management of the query site contents LMI component. |
| Web Rate Limiting Configuration | Used to audit the management of the rate limiting LMI component. |
| Web User Name Mapping Configuration | Used to audit the management of the user name mapping LMI component. |
| Web Application Firewall Configuration | Used to audit the management of the WAF LMI component. |
| Kerberos Configuration | Used to audit the management of the Kerberos LMI component. |
| Redis Configuration | Used to audit the management of the Redis LMI component. |
| API Access Control | Used to audit the management of the API access control LMI component. |
| Snapshots | Used to audit the management of the snapshots LMI component. |
| Support Files | Used to audit the management of the support files LMI component. |
| Date/Time | Used to audit the management of the date and time LMI component. |
| Cleanup Task | Used to audit the management of the cleanup task LMI component. |
| Audit | Used to audit the management of the audit LMI component. |
| Group | Description |
|---|---|
| ivmgrd.conf.audit.azn | Used to audit the authorization operations in the runtime component. |
| ivmgrd.conf.audit.authn | Used to audit the authentication operations in the runtime component. |
| ivmgrd.conf.audit.mgmt | Used to audit the management operations in the runtime component. |
| Group | Description |
|---|---|
| INSTANCE.audit.azn | Used to audit the authorization operations in the reverse proxy component for the identified instance. |
| INSTANCE.audit.authn | Used to audit the authentication operations in the reverse proxy component for the identified instance. |
| INSTANCE.audit.http | Used to audit the HTTP operations in the reverse proxy component for the identified instance. |