000032986 - How to track and monitor RSA Via Lifecycle & Governanace remediation action status for violations generated from Segregation of Duties (SoD) and User Access Rule type

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 4Show Document
  • View in full screen mode

Article Content

Article Number000032986
Applies ToRSA Product Set: Identity Management and Governance
RSA Product/Service Type: Appliance, Rule Module and Rule Processing
RSA Version/Condition: 6.9.1
IssueWhen processing SoD and User Access Rules the status of the rule process under Admin > Monitoring menu can be misleading to the end user. 
User-added image
The screen shot above shows the status as completed for a particular Segregation of Duties (SoD) or User Access Rule that was processed. However, this status doesn't include any information on the status of Remediation Action section of the Rule Definition.
User-added image

 
ResolutionThe steps below show how to check on the rule remediation actions:
  1. Login to the UI and navigate to Admin > System.
  2. Click on the Logs tab.
  3. In the search box for the Logs table enter the criteria rule violation.
  4. You will see the start of the background thread message "Start of rule violation remediation workflow action..." and the corresponding end message "End of rule violation remediation workflow action..." as in the screenshot below. You can find the same information in the aveksaServer.log (See Accessing the aveksaServer.log file for RSA Lifecycle and Governance).
User-added image

Note, a few important items to keep in mind when processing rules:
  1. Not all rule types generate violations.  Only Segregation of Duties (SoD) and User Access Rule types will generate violations.
  2. If you have several SoD or User Access Rules that are generating violations and remediation actions are being performed, make sure you are looking at the correct background thread message.

Attachments

    Outcomes