Skip to main content

SOX groups

Purpose: This new report allows investigation of all suspicious group activity that falls under SOX definition.

Executable: soxgroups

Table 1. SOX groups report search criteria

Criteria	Description
Report type	Select the report type: Group states Select this option to only show state transitions, such as group creation/deletion. Group management Select this option to show user/group ownership changes to groups. Group membership Select this option to show user/group membership changes to groups.
User ID	Type the user ID of the user or users for whom you want to include in the report. Alternatively, you can search for one or more user IDs. All users are included by default.
Group ID	Type the ID of the group to include in the report. Alternatively, you can search for one or more groups.
Target system ID	Type a comma-and-space-delimited list of target system IDs for which you want to list changes. All target systems are included by default. If this field has a value, the report only lists group membership changes relating to the specified targets. Alternatively, you can search for one or more target systems.
Threshold value	Type a number to define the threshold. The default value is 1.
Time range	Choose a time range.
Self requests only	Select this option to show operations that users do for themselves.
Successful requests only	Select this option to show operations that have become effective.
Summarize report	Select this option to summarize the report. This option groups items in order to reduce the number of rows and shows only counts by users.

In this section:

Was this helpful?

Would you like to provide feedback? Just click here to suggest edits.