Audit reports
Database table audit
Purpose: Shows database table change history.
Executable: databasetableaudit
Table | Type the table name to list all of its audit data. Ensure that you specify a table. Each table has a different number of fields. This report will not work for all tables. |
Profile ID | Type the profile ID of the user to list the audit data relating to this user. Alternatively, you can search for one or more profile IDs. |
Module ID | Type the module ID to list the audit data relating to this module. |
Initiating node | Type the node ID to list the audit data relating to this node. |
Last modified time | Choose a date range for modifications. |
System audit
Purpose: Shows system variables change history.
Executable: sysaudit
Criteria | Description |
|---|---|
User ID | Type the profile ID of the user to list system variables that had been modified by this user. Alternatively, you can search for one or more profile IDs. |
Node ID | Type the node ID to list system variables that had been modified from this node. |
Module ID | Type the module ID to list system variables that had been modified by this module. |
System variable group | Select the system variable groups that you want to add to the report output. |
System variable | Select one or more system variables to list their modifications. |
Order by | Select the sorting order of the report output. |
Last modified time | Choose a date range for modifications. |
Show only changes | If checked, the report output lists only system variables that have been modified. |
Account group audit
Purpose: Audit trail of manage/unmanage operations on account groups. Lists current and historical values.
Executable: groupaudit
Criteria | Description |
|---|---|
Target system ID | Type the ID of the target system to include in the report. Alternatively, you can search for one or more target systems. |
Group ID | Type the ID of the group to include in the report. Alternatively, you can search for one or more groups. |
Operations | Choose the operation type for groups:
|
User ID | Type the ID of the user who performed the operation to include in the report. Alternatively, you can search for one or more users. |
Last modified time | Choose a date range for modifications. |
User and account history
Purpose: Audit trail of changes to target systems that are being tracked. This includes:
Target system account changes
Managed group membership
Role membership
Profile attributes
Account attributes
Profile attribute changes are not propagated back to target systems by default.
Note
The Track changes option must be enabled for target systems, managed groups, profile attributes, or account attributes in order for data on these entitlements to be collected.
Executable: trackedchanges
Criteria | Description |
|---|---|
Account | Type the long ID, not the short ID, of the account for which you want to list changes. |
User ID | Type the profile ID of the user for whom you want to list changes. Alternatively, you can search for one or more profile IDs. |
Target system ID | Type a comma-and-space-delimited list of target system IDs for which you want to list changes. All target systems are included by default. If this field has a value, the report only lists group membership changes relating to the specified targets. Alternatively, you can search for one or more target systems. |
Managed groups | Type the long ID of one or more managed groups for which you want to list changes. If this field has a value, the report only lists group membership changes relating to the specified groups. Alternatively, you can search for one or more managed groups. |
Roles | Type the role ID of one or more roles for which you want to list changes. If this field has a value, the report only lists role changes relating to the specified role. Alternatively, you can search for one or more roles. |
User attribute | Type the ID of one or more profile attributes for which you want to list changes. Multiple attributes must be a comma separated list. Alternatively, you can search for one or more profile attributes to select. By default, the report will list all profile attributes changes. |
Account attribute | Type the ID of one or more account attributes for which you want to list changes. Multiple attributes must be a comma separated list. Alternatively, you can search for one or more account attributes that have been previously overridden. By default, the report will list all account attribute changes. |
Choose date range | Choose a date range. |
Display tracked changes for | Select from the following:
|
If you do not specify any search criteria, the report output includes all tracked changes.
Account changes history
Purpose: Lists accounts that have been added or deleted, and account attributes that have been changed on a target system.
Executable: accountchanges
Criteria | Description |
|---|---|
Operation | Choose one of the following:
|
Target system ID | Select a target system ID to display account changes on the target system. |
Related target system ID | For the Add operation only. Select a related system ID to view how the account’s attributes on the target system map to those on the related system. |
Account | Type the long ID, not the short ID, of the account for which you want to list changes. |
Account attribute used on target system to map to related target system | For the Add operation only. The attribute for mapping in the target system. |
Account attribute used on related target system to map to target system | For the Add operation only. The attribute for mapping in the related target system. |
Show only if account is associated with a profile | If checked, only the accounts that are associated with a profile will be displayed. |
Show profile ID | If checked, the profile ID will be displayed. |
Choose date range | Choose a date range. |
If you do not specify any search criteria, the report output includes all tracked changes.
Out-of-band group changes
Purpose: Provides details about changes affecting managed groups.
Executable: oobchanges
Criteria | Description |
|---|---|
Out-of-band action | Select an action:
Leaving it blank is the same as selecting all types. |
Display operations | Select an operation:
Leaving it blank is the same as selecting all operations. |
Resource attribute to display | Select resource attributes to be displayed in report. |
Time range | Select time range. |
Resource attribute | Filter results using a resource attribute and criteria. The type of criteria is dependent on the attribute selected. Up to four resource attribute filters can be defined. |
Authorizer ID | Type a comma-and-space-delimited list of authorizer IDs. Alternatively, you can search for one or more authorizers. |
Requester ID | Type a comma-and-space-delimited list of requester IDs. Alternatively, you can search for one or more requesters. |
Managed groups | Type a comma-and-space-delimited list of managed groups. Alternatively, you can search for one or more groups. |
Group owner | Type a comma-and-space-delimited list of group owners. Alternatively, you can search for one or more group owners. |
Entitlement and attribute history
Purpose: To audit the status of tracked account attributes and entitlements as they existed at a specified reference time. These include:
Target system account changes
Managed group membership
Role membership
Account attribute changes
Note
Track changes must be enabled for target systems, managed groups, and account attributes in order for data on these entitlements to be collected.
This report returns results as a snapshot of their status at the configured time. Only the changes most recent to that point in time will be returned.
Executable entitlementandattributehistory
Criteria | Description |
|---|---|
Account | Type the long ID, not the short ID, of the account for which you want to list changes. |
User ID | Type the profile ID of the user for whom you want to list changes. Alternatively, you can search for one or more profile IDs. |
Target system ID | Type a comma-and-space-delimited list of target system IDs for which you want to list changes. All target systems are included by default. If this field has a value, the report only lists group membership changes relating to the specified targets. Alternatively, you can search for one or more target systems. |
Managed groups | Type the long ID of one or more managed groups for which you want to list changes. If this field has a value, the report only lists group membership changes relating to the specified groups. Alternatively, you can search for one or more managed groups. |
Roles | Type the role ID to search against. |
Display tracked changes for | Select from the following options to return only those results:
|
Reference date | Provide a specific date and time value to return a snapshot of entitlements and attributes as they existed at that point in time. The default setting uses the current date and time, in order to return results as they exist currently. |
If you do not specify any search criteria, the report output includes all of the most recent tracked changes.
Account audit
Purpose: Audit trail of accounts created and disabled through Bravura Security Fabric
Executable: accountaudit
Criteria | Description |
|---|---|
Account | Type the long ID, not the short ID, of the account for which you want to list changes. |
Target system ID | Type the ID of the target system to include in the report. Alternatively, you can search for one or more target systems. |
User ID | Type the ID of the user who performed the operation to include in the report. Alternatively, you can search for one or more users. |
Operation | Choose the operation type for accounts:
|
SOX users
Purpose: Allows investigation of all suspicious user activity that falls under SOX definition.
Executable: soxusers
Criteria | Description |
|---|---|
Report type | Select the report type:
|
User ID | Type the user ID of the user or users for whom you want to include in the report. Alternatively, you can search for one or more user IDs. All users are included by default. |
Threshold value | Type a number to define the threshold. The default value is 1. |
Time range | Choose a time range . |
Self requests only | Select this option to show operations that users do for themselves. |
Successful requests only | Select this option to show operations that have become effective. |
Summarize report | Select this option to summarize the report. This option groups items in order to reduce the number of rows and shows only counts by users. |
SOX groups
Purpose: This new report allows investigation of all suspicious group activity that falls under SOX definition.
Executable: soxgroups
Criteria | Description |
|---|---|
Report type | Select the report type:
|
User ID | Type the user ID of the user or users for whom you want to include in the report. Alternatively, you can search for one or more user IDs. All users are included by default. |
Group ID | Type the ID of the group to include in the report. Alternatively, you can search for one or more groups. |
Target system ID | Type a comma-and-space-delimited list of target system IDs for which you want to list changes. All target systems are included by default. If this field has a value, the report only lists group membership changes relating to the specified targets. Alternatively, you can search for one or more target systems. |
Threshold value | Type a number to define the threshold. The default value is 1. |
Time range | Choose a time range. |
Self requests only | Select this option to show operations that users do for themselves. |
Successful requests only | Select this option to show operations that have become effective. |
Summarize report | Select this option to summarize the report. This option groups items in order to reduce the number of rows and shows only counts by users. |
Account existence
Purpose: Show a list of all of the accounts that existed on a target system on a given date. The output columns contain:
Target system
Target system group
Account
Profile name / profile full name
Date created
Date invalidated if applicable
Executable: accountexists
Criteria | Description |
|---|---|
User ID | Type the profile ID of the user for whom you want to check the existence of accounts. Alternatively, you can search for one or more profile IDs. |
User name | Type the full name of the user for whom you want to check the existence of accounts. |
Account | Type a comma-and-space-delimited list of long IDs (not short IDs) that match the accounts you want to include in the report. Alternatively, you can search for one or more accounts. |
Target system ID | Type a comma-and-space-delimited list of target system IDs to only include accounts from those systems. Alternatively, you can search for one or more target systems. |
Target system group | Select the target system group on which to check for the existence of accounts. |
Reference date | Select the date used to check for the existence of the accounts |