Query items for Account Audit namespace

Query items for Account Audit namespace

The following table lists the query items in the Account Audit namespace.

Query subject Query items and their description

Account Audit
Audit Account Name

The name of an account on which the audit action is performed.

Audit Action

The action that is performed on an account. For example, Add, Delete, Modify, and ChangePassword.

Audit Comments

The comments that are entered by the audit workflow approver.

Audit Account Business Unit

The business unit of an account.

Audit Process Subject

A user who is the owner of an account on which the audit action is performed.

Audit Process Service Profile

The profile type of a service to which an account belongs.

Audit Process Subject Service

The service on which an account is provisioned.

Audit Initiator Name

The name of a user who initiated the audit action.

Audit Process Requestee Name

The name of an account owner.

Audit Process Recertifier Name

The name of a user who approves the audit process workflow.

Audit Operation Start Time

The audit operation initiation date and time.

Audit Activity Owner

An owner who owns the activity. For example, An owner name who approves the add request for the pending account.

Audit Activity Name

The name of the audit activity.

Audit Activity Start Time

The audit activity start date and time.

Audit Activity Completion Time

The audit activity completion date and time.

Audit Process Submission Time

The audit process submission date and time.

Audit Process Schedule Time

The date and time at which an event is scheduled for execution.

Audit Process Completion Time

The audit process completion date and time.

Audit Activity Result Summary

The result of the activity within the account audit process.

Audit Process Result Summary

The result of the account audit process.

Account
Account Name

The name of an account on which the audit action is performed.

Account Service Name

The name of a service on which the account is provisioned.

Account Status

The account status. The valid values are Active and Inactive.

Account Is Orphan

Indicates whether an account is associated with a user or not. The valid values are Yes and No. Yes represents the account is orphaned, and No represents the account is not orphaned.

Account Compliance

Indicates whether an account is compliant or not. The valid values are Compliant, Non compliant, Unknown, and Disallowed.

Account Last Access Date

The last accessed date and time of an account.

Account Owner First Name

The given name of a user who is the owner of an account.

Account Owner Last Name

The surname of a user who is the owner of an account.

Account Dn

An LDAP distinguished name for an account.

Account Service DN

An LDAP distinguished name for the service to which an account belongs.

Account Owner Business Unit Dn

An LDAP distinguished name for the business unit to which an account owner belongs.

Account Owner Dn

An LDAP distinguished name for the account owner.

Reconciliation Audit
Reconciliation User Name

The name of a user to whom an account is associated during the reconciliation operation.

Reconciliation Account Name

The name of the reconciled account.

Reconciliation Processed Accounts

The number of processed accounts that exist during the last run of reconciliation.

Reconciliation TIM User Accounts

The number of processed accounts that belong to IBM Security Identity Manager users.

Reconciliation Local Accounts

The total number of local accounts created. It does not include the newly created orphan accounts.

Reconciliation Policy Violations

The number of policy violations that are found for the accounts during the reconciliation. This number includes:
The accounts where an attribute value is different from the local account.
Any attribute value of the account is not compliant with the governing provisioning policies.
It does not include the accounts where the attribute values of the local and remote accounts are same, even if the values are noncompliant.

Reconciliation Start Time

The reconciliation operation initiation date and time.

Reconciliation Completion Time

The reconciliation operation completion date and time.

Reconciliation Policy Compliance Status

The reconciliation completion status.

Reconciliation Operation

The operation that is performed for the entry of the service instance. The possible values for an account entry are New Local, New Orphan, Suspended Account, and Deprovisioned Account.

Reconciliation Requester Name

The name of an initiator who initiates the reconciliation operation on the account for a service.

Provisioning Policy
Provisioning Policy Name

The name of a provisioning policy through which an account is provisioned on the service.

Provisioning Policy Dn

An LDAP distinguished name for the provisioning policy.

Provisioning Policy Container Dn

An LDAP distinguished name for the business unit to which the provisioning policy applies.

Provisioning Policy Service Name

The name of a service to which the provisioning policy applies.

Provisioning Policy Service Type

The profile type of a service to which the provisioning policy applies.

Provisioning Policy Service Business Unit Name

The business unit of a service to which the provisioning policy applies.

Parent topic: Account Audit namespace

Query subject	Query items and their description
Account Audit	Audit Account Name The name of an account on which the audit action is performed. Audit Action The action that is performed on an account. For example, Add, Delete, Modify, and ChangePassword. Audit Comments The comments that are entered by the audit workflow approver. Audit Account Business Unit The business unit of an account. Audit Process Subject A user who is the owner of an account on which the audit action is performed. Audit Process Service Profile The profile type of a service to which an account belongs. Audit Process Subject Service The service on which an account is provisioned. Audit Initiator Name The name of a user who initiated the audit action. Audit Process Requestee Name The name of an account owner. Audit Process Recertifier Name The name of a user who approves the audit process workflow. Audit Operation Start Time The audit operation initiation date and time. Audit Activity Owner An owner who owns the activity. For example, An owner name who approves the add request for the pending account. Audit Activity Name The name of the audit activity. Audit Activity Start Time The audit activity start date and time. Audit Activity Completion Time The audit activity completion date and time. Audit Process Submission Time The audit process submission date and time. Audit Process Schedule Time The date and time at which an event is scheduled for execution. Audit Process Completion Time The audit process completion date and time. Audit Activity Result Summary The result of the activity within the account audit process. Audit Process Result Summary The result of the account audit process.
Account	Account Name The name of an account on which the audit action is performed. Account Service Name The name of a service on which the account is provisioned. Account Status The account status. The valid values are Active and Inactive. Account Is Orphan Indicates whether an account is associated with a user or not. The valid values are Yes and No. Yes represents the account is orphaned, and No represents the account is not orphaned. Account Compliance Indicates whether an account is compliant or not. The valid values are Compliant, Non compliant, Unknown, and Disallowed. Account Last Access Date The last accessed date and time of an account. Account Owner First Name The given name of a user who is the owner of an account. Account Owner Last Name The surname of a user who is the owner of an account. Account Dn An LDAP distinguished name for an account. Account Service DN An LDAP distinguished name for the service to which an account belongs. Account Owner Business Unit Dn An LDAP distinguished name for the business unit to which an account owner belongs. Account Owner Dn An LDAP distinguished name for the account owner.
Reconciliation Audit	Reconciliation User Name The name of a user to whom an account is associated during the reconciliation operation. Reconciliation Account Name The name of the reconciled account. Reconciliation Processed Accounts The number of processed accounts that exist during the last run of reconciliation. Reconciliation TIM User Accounts The number of processed accounts that belong to IBM Security Identity Manager users. Reconciliation Local Accounts The total number of local accounts created. It does not include the newly created orphan accounts. Reconciliation Policy Violations The number of policy violations that are found for the accounts during the reconciliation. This number includes: The accounts where an attribute value is different from the local account. Any attribute value of the account is not compliant with the governing provisioning policies. It does not include the accounts where the attribute values of the local and remote accounts are same, even if the values are noncompliant. Reconciliation Start Time The reconciliation operation initiation date and time. Reconciliation Completion Time The reconciliation operation completion date and time. Reconciliation Policy Compliance Status The reconciliation completion status. Reconciliation Operation The operation that is performed for the entry of the service instance. The possible values for an account entry are New Local, New Orphan, Suspended Account, and Deprovisioned Account. Reconciliation Requester Name The name of an initiator who initiates the reconciliation operation on the account for a service.
Provisioning Policy	Provisioning Policy Name The name of a provisioning policy through which an account is provisioned on the service. Provisioning Policy Dn An LDAP distinguished name for the provisioning policy. Provisioning Policy Container Dn An LDAP distinguished name for the business unit to which the provisioning policy applies. Provisioning Policy Service Name The name of a service to which the provisioning policy applies. Provisioning Policy Service Type The profile type of a service to which the provisioning policy applies. Provisioning Policy Service Business Unit Name The business unit of a service to which the provisioning policy applies.