How to track and monitor RSA Via Lifecycle & Governanace remediation action status for violations generated from Segregation of Duties (SoD) and User Access Rule type
RSA Product Set: Identity Management and Governance RSA Product/Service Type: Appliance, Rule Module and Rule Processing RSA Version/Condition: 6.9.1
When processing SoD and User Access Rules the status of the rule process under Admin > Monitoring menu can be misleading to the end user.
The screen shot above shows the status as completed for a particular Segregation of Duties (SoD) or User Access Rule that was processed. However, this status doesn't include any information on the status of Remediation Action section of the Rule Definition.
The steps below show how to check on the rule remediation actions:
Login to the UI and navigate to Admin > System.
Click on the Logs tab.
In the search box for the Logs table enter the criteria rule violation.
You will see the start of the background thread message "Start of rule violation remediation workflow action..." and the corresponding end message "End of rule violation remediation workflow action..." as in the screenshot below. You can find the same information in the aveksaServer.log (See Accessing the aveksaServer.log file for RSA Lifecycle and Governance).
Note, a few important items to keep in mind when processing rules:
Not all rule types generate violations. Only Segregation of Duties (SoD) and User Access Rule types will generate violations.
If you have several SoD or User Access Rules that are generating violations and remediation actions are being performed, make sure you are looking at the correct background thread message.