Skip to end of banner
Go to start of banner

2.4.2 Reporting Basics

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

  • Introduction

  • NetIQ Users Report

Hello. In this video we’re going to show you how to use ACDI reports to audit and monitor data and events in your directory.

Let's start from beginning. By default, ACDI contains a list of predefined default reports that are used to create tables with statistical data or to audit upcoming events.

Reports may be searched either by text or by name.

Let's start with the simplest report: NetIQ Users Report.

This report is based on the snapshot data stored in a system.

Every day or by using Cron, the Snapshot Service takes a snapshot of your eDirectory or Active Directory and stores the state of objects in Opensearch so that you can parse through it using ACDI.

The NetIQ Users Report contains only one entity, which is based on those snapshots—report default.

On the Report graph you can see this entity, its filters, and result attributes will get in the final report.

As for filters, Result Table Attributes, and Postprocessing, we’ll be coming back to these options of report editing in upcoming videos. Now, let's go back to the report.

This report will allow you to create reports and to see the current states of your user objects in the selected period of time.

Let’s assume you want to set it for a snapshot from the previous week. You can use here either absolute or relative date pickers.

Let’s choose “7 days ago.” And you also want to see values for the user with surname “Strand.”

Ok. The user is found, and you can use other filters here and narrow down the search results. Let's click “Run.”

Here you can see that during the selected period this user has the following attributes and “False” locked.

You can export report results into CSV, XLSX, or PDF format, which is extremely convenient.

The next step is to download the file so that you can later process the data using external applications.

Additionally, reports can be scheduled to be created when you need them. Here are the filters you selected at the previous step, namely, “Last Name” and “Date Time Range.

Now you need to define the scheduler to enable the scheduled report creation and select if you want the report to be sent via email or be saved on a local machine.

The default “Cron expression” you see here means that on the first day of each month at four minutes past midnight, report will be created in the CSV format.

You can select the format here and also define emails to which this report will be sent. Save the settings, and the Expert Service will create this report and send it to you on a monthly basis.

Let's look at a more complex report like the Group Membership report.

This report contains two entities: group and Person, which are linked using member and DN: DN for a user member for a group.

With the help of the Report Graph, you can easily visualize connections.

With the help of the Report Graph, you can easily visualize connections. There are also mandatory attribute for groups. This means that additionally for the default filter “Object class: group of names,” objects that don’t have a value from the attribute “Member” will be filtered out.

Let's look how it works.

Let’s filter the reports with the help of the keyword “group

Here it is—the NetIQ Group Membership report.

In this list and in this search, you will get only groups that have at least one member.

The filter can be customized though.

You can define the search options and select, for instance, the search by regular expressions. Here are also other options like “case sensitive,” “show duplicates,” or you can disable the filtering using mandatory attributes.

Now it's disabled and you can see more groups. This is because most of them have no members. Let’s look how the link between two entities works.

There are some filters for the group entity

and some filters for the person entity. Let’s assume you want to check group admins.

Here you see that there are groups with the CN “Admins” in two different containers. You need the one that is located in the ACD 4.

After the filters are selected and applied, you can see that the application impacted the person entities. There is also only one group matching filters we selected and 21 persons, which means that this group has 21 members. Let's run this report.

Here you can see the information about this group and all its members. Additionally, secondary entities can be enriched by some additional attributes. Not only DN, as it's by default set in member attribute of groups, but some additional information about members.

It's defined in the “Result Table Attributes” submenu.

If a group contains too many members, you can make the data more readable if there is a row per member of the group.

The report can be displayed in a flat format, which you can enable here with the help of a switcher.

Let’s enable the flat format and click “Run.” So now you have the data in the table in flat format.

Two previous reports were based on the data from snapshots. However, ACDI also contains reports based on audit events. Let's check a few of them and go through a real use case.

Should you have any questions or require any assistance, please do not hesitate to contact us at any time swsupport.skypro@skypro.ch

  • No labels