Auditing schema tables
The audit event schema has a common base event table, audit_event, which contains fields common to all audit events.
Separate tables are created for an event type only if that event type contains attributes, which are not generic enough to keep in a common table. As a rule, any element that is common to most audit events is kept in the audit_event container table. This design choice helps reduce the number of table joins when event data is queried.
The auditing event information is in the following tables.
Event Category Table Name Common tables AUDIT_EVENT Authentication No event-specific table Person management AUDIT_MGMT_TARGET This table is used only if action=Person transfer. Delegate authority AUDIT_MGMT_DELEGATE Policy management No event-specific table ACI management No event-specific table Access request management AUDIT_MGMT_ACCESS_REQUEST AUDIT_MGMT_OBLIGATIONAUDIT_MGMT_OBLIGATION_ATTRIBAUDIT_MGMT_OBLIGATION_RESOURCEAUDIT_MGMT_MESSAGE
Manual activity events AUDIT_MGMT_ACTIVITY Lifecycle rule events No event-specific table Account management AUDIT_MGMT_PROVISIONING Container management No event-specific table Organization role management AUDIT_MGMT_TARGET This table is used only if action=Add Member or Remove Member. ITIM group management AUDIT_MGMT_TARGET This table is used only if action=Add Member or Remove Member. Service management AUDIT_MGMT_TARGET This table is used only if Action=Add, Modify, or Remove Adoption Rule. Group management No event-specific table Service policy enforcement No event-specific table Reconciliation No event-specific table Entitlement workflow management No event-specific table Entity operation management No event-specific table System configuration No event-specific table Runtime events No event-specific table Self-password change No event-specific table Migration No event-specific table Credential management No event-specific table Credential Pool management No event-specific table Credential Lease management AUDIT_MGMT_LEASE This table is used only if the action is Checkout or if the credential is a pool member.
- AUDIT_EVENT table
- IBM Security Identity Manager authentication
- Person management
- Delegate authority
- Policy management
- ACI management
- Access request management
- Manual activity events
- Lifecycle rule events
- Account management
- Container management
- Organization role management
- ITIM group management
- Service management
- Group management
- Service policy enforcement
- Reconciliation
- Entitlement workflow management
- Entity operation management
- System configuration
- Runtime events
- Self-password change
- Migration
- Credential management
- Credential Pool management
- Credential Lease management
Parent topic: Database and Directory Server Schema Reference