Reporting with RapidIdentity, Part 1 - The Basics

    

This blog series will focus on reporting with RapidIdentity. Reporting performed within RapidIdentity provides a streamlined approach to obtaining meaningful identity and access management (IAM) data that helps you understand events in a contextual framework and facilitates sensible decision-making. This data can be centered on particular users, groups, or other events within an organization.

In This Series

RapidIdentity provides three primary reporting options: Portal Dashboard module, Portal Reporting module, and Connect Reporting adapter. This blog post introduces each of these reporting capabilities, with a focus on the Dashboard module, and then, in subsequent blog posts, the Reporting module and Connect adapter capabilities will be discussed further.

RapidIdentity Portal Dashboard Module

The RapidIdentity Portal Dashboard Module is a system organizations can use to view various identity management metrics as graphs and to analyze the Return on Investment (ROI) for the RapidIdentity Portal. The are three different types of dashboards: Activity, Entitlements, and Executive.

The Activity dashboard shows end users all audit events related to their digital identity. These events include user-performed actions and actions for which the user’s digital identity is the target. The audit events are translated into a more human-readable format and allow for quick filtering, which is divided into two content areas: My Activity and Details.

Reporting with RapidIdentity Image 1.1.png

My Activity contains a histogram of events that can be displayed over four different time intervals: Today, Yesterday, Last 7 Days, and Last 30 Days. Details contains the timestamp (When) and the action (What) corresponding to the user over the selected time interval. The Details can be filtered dynamically to facilitate readability by typing text in the search bar above the Details grid. All data may be printed or exported to a CSV file.

Similarly, Team Activity allows users with direct reports to see the activity of their direct reports, and Other Activity allows users with the Dashboard Help Desk Role to view activity of any user in the organization. By giving end users more insight, we provide a distributed model of risk mitigation.

The Entitlements tab is visible to Entitlement owners only. In this way, RapidIdentity empowers the business by giving business owners visibility to those with access to their systems. This view also provides business owners with access to recent audit events regarding their Entitlements, such as requests, approvals, and certifications.

Reporting with RapidIdentity Image 1.2.png

Finally, the Executive tab provides pre-configured tallies showing events that occur over the last year, month, week, and yesterday. Dashboard administrators determine what event types display in the Executive tab. Optionally, the Action Detail tab configuration allows a dollar value to be assigned to each event and automatically develops an ROI total as well.

Reporting with RapidIdentity Image 1.3.png

In a later blog in this series, I'll show you how you to create your own tallies and categories for tracking tallies from anywhere in the organization.

RapidIdentity Portal Reporting Module

The RapidIdentity Portal Reporting module allows users to create ad-hoc reports. Reports can be based on specific events (e.g. login attempts) or users and can also be refined to a specified time period. This is a tremendous tool for troubleshooting end user problems. It is even better when used to provide feedback for internal or external audits.

For example, we had a customer that told us about a breach they had. Using the Reporting module, we helped the customer figure out exactly what the perpetrator did in the customer's environment by configuring the report to only focus on the source IP address of the perpetrator. The result was a coherent chain of events based on the perpetrator’s activity.

Additionally, many of our customers go through audits and subsequently, it becomes necessary for customers to provide specific information to auditors. Using the Reporting module, customers can quickly provide ad-hoc reports to auditors in response to the following requests.

  • Show me the entire account management history for one or more specific users.
  • Show me all failed login attempts within a specific time period.
  • Show me all users granted access to a system and who approved their access.

Reports of a similar nature, including reports that capitalize on Identity Automation’s out-of-the-box reporting functionality, are covered later in this blog series.

RapidIdentity Connect Reporting Adapter

Many of our customers are surprised to learn that RapidIdentity Connect includes a reporting adapter that enables users to build custom reports. If RapidIdentity Connect connects to databases, directory services, text files, web services, or other organizational endpoints, a custom report can be built.

The key component to integrate with the Connect adapter is the freely available iReport Designer tool from Jaspersoft. Subsequently, an action set that pulls in the data and processes it through the reporting adapter generates an HTML or PDF output. Then, the action set pushes the report output to a remote location and if desired, emails the recipients with the report as an attachment. The action set can then be scheduled or triggered. The types of reports you can create include, but are not limited to:

  • Custom audit event report
  • Identity synchronization report
  • Duplicate accounts report
  • Orphaned accounts report
  • Stale accounts report

Subsequent blog posts in this series will cover exactly how to build these types of reports.

Our next blog post in the series will focus on the RapidIdentity Portal Reporting module. So, stay tuned!



is-your-legacy-iam-system-doing-more-harm-than-good

Comments

Subscribe Here!