How to track and monitor RSA Via Lifecycle & Governanace remediation action status for violations generated from Segregation of Duties (SoD) and User Access Rule type
3 years ago
Originally Published: 2016-04-22
Article Number
000067558
Applies To
RSA Product Set: Identity Management and Governance
RSA Product/Service Type: Appliance, Rule Module and Rule Processing
RSA Version/Condition: 6.9.1
Issue
When processing SoD and User Access Rules the status of the rule process under Admin > Monitoring menu can be misleading to the end user. 

User-added image

The screen shot above shows the status as completed for a particular Segregation of Duties (SoD) or User Access Rule that was processed. However, this status doesn't include any information on the status of Remediation Action section of the Rule Definition.
User-added image

 
Resolution
The steps below show how to check on the rule remediation actions:
  1. Login to the UI and navigate to Admin > System.
  2. Click on the Logs tab.
  3. In the search box for the Logs table enter the criteria rule violation.
  4. You will see the start of the background thread message "Start of rule violation remediation workflow action..." and the corresponding end message "End of rule violation remediation workflow action..." as in the screenshot below. You can find the same information in the aveksaServer.log (See Accessing the aveksaServer.log file for RSA Lifecycle and Governance).
User-added image

Note, a few important items to keep in mind when processing rules:
  1. Not all rule types generate violations.  Only Segregation of Duties (SoD) and User Access Rule types will generate violations.
  2. If you have several SoD or User Access Rules that are generating violations and remediation actions are being performed, make sure you are looking at the correct background thread message.
Don't see what you're looking for?