How to Log an Audit Event from an IdM Rule

Posted on January 6, 2010. Filed under: SUN IdM |

Probably it is not frequently needed, but if you need to log an audit event outsize of a workflow somehow, you can use the following IdM rule to accomplish it.  For argument comments please refer to ‘Audit’ workflow because I exactly the same argument names.

<Rule name='logAudit'>

    <Comments>
        Refer to Audit workflow for argument definitions
    </Comments>

    <RuleArgument name="type"/>
    <RuleArgument name="action"/>
    <RuleArgument name="name"/>
    <RuleArgument name="status"/>
    <RuleArgument name='reason'/>
    <RuleArgument name='subject'/>
    <RuleArgument name='resource'/>
    <RuleArgument name='accountId'/>
    <RuleArgument name='error'/>
    <RuleArgument name='role'/>
    <RuleArgument name='parameters'/>
    <RuleArgument name='attributes'/>

    <block>
        <defvar name='event'>
            <new class='com.waveset.object.AuditEvent'>
                <ref>type</ref>
                <ref>action</ref>
            </new>
        </defvar>

        <invoke name='setObjectName'>
            <ref>event</ref>
            <ref>name</ref>
        </invoke>
        <invoke name='setStatus'>
            <ref>event</ref>
            <ref>status</ref>
        </invoke>
        <invoke name='setErrorString'>
            <ref>event</ref>
            <ref>error</ref>
        </invoke>
        <invoke name='setReason'>
            <ref>event</ref>
            <ref>reason</ref>
        </invoke>
        <invoke name='setResourceName'>
            <ref>event</ref>
            <ref>resource</ref>
        </invoke>
        <invoke name='setAccountId'>
            <ref>event</ref>
            <ref>accountId</ref>
        </invoke>
        <invoke name='setRoleName'>
            <ref>event</ref>
            <ref>role</ref>
        </invoke>
        <invoke name='setParameterList'>
                <ref>event</ref>
            <ref>parameters</ref>
        </invoke>
        <invoke name='setAuditableAttributes'>
            <ref>event</ref>
            <ref>attributes</ref>
        </invoke>
        <invoke name='setSubjectName'>
            <ref>event</ref>
            <cond>
                <isnull>
                    <ref>subject</ref>
                </isnull>
                <invoke name='getName'>
                    <invoke name='getSubject'>
                        <rule name='EndUserRuleLibrary:getCallerSession'/>
                    </invoke>
                </invoke>
                <ref>subject</ref>
            </cond>
        </invoke>

        <invoke name='logEvent'>
            <invoke name='getLogger' class='com.sun.idm.logging.audit.AuditManager'/>
            <ref>event</ref>
        </invoke>
    </block>
</Rule>
Advertisement

Make a Comment

Leave a Reply

Please log in using one of these methods to post your comment:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

One Response to “How to Log an Audit Event from an IdM Rule”

RSS Feed for /ideas/and/solutions/and/tips/and/tricks Comments RSS Feed

Excellent. I just recently got AuditLog to work from within a workflow. This will help tremendously, thanks.

1mmf27
July 6, 2010


Where's The Comment Form?

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Liked it here?
Why not try sites on the blogroll...

Follow

Get every new post delivered to your Inbox.