Page tree
Skip to end of metadata
Go to start of metadata

Please see Dashboard configuration for basic information about configuration variables and Auditing-Custom column for steps how to add custom column.

Usecase

Administrator needs display all audit events which contains delta with changes on administrativeStatus of account on resource R1

Configuration

As first we need add custom column to m_audit_event table, on it use next sql commands:

Adding new custom column
ALTER TABLE m_audit_event ADD custSituation VARCHAR(255);
 
CREATE INDEX iAuditEventCustSituation
    ON m_audit_event (custSituation);

As next adding we adding next snippet of configuration to config.xml file in Midpoint home directory.

config.xml confiuration snippet
<configuration>
    <midpoint>
        ...
        <audit>
            <auditService>
                <auditServiceFactoryClass>com.evolveum.midpoint.audit.impl.LoggerAuditServiceFactory</auditServiceFactoryClass>
            </auditService>
            <auditService>
                <auditServiceFactoryClass>com.evolveum.midpoint.repo.sql.SqlAuditServiceFactory</auditServiceFactoryClass>
                <customColumn>
                    <columnName>custSituation</columnName>
                    <eventRecordPropertyName>situation</eventRecordPropertyName>
                </customColumn>
            </auditService>
        </audit>
        ...
    </midpoint>
</configuration>

After modifying config.xml we have to restart Midpoint. As last part of adding custom column adding next configuration to system configuration. 

Snippet of system configuration
<systemConfiguration>
	...
	<audit>
        <eventRecording>
            <property>
                <name>situation</name>
                <expression>
                    <script xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3" xsi:type="c:ScriptExpressionEvaluatorType">
                        <code>
                          import com.evolveum.midpoint.schema.ObjectDeltaOperation;
                           import com.evolveum.midpoint.prism.delta.ItemDelta;
                           import com.evolveum.midpoint.prism.path.ItemPath;
                           import com.evolveum.midpoint.xml.ns._public.common.common_3.*;
                           
                           ret = "";
                           if (target instanceof UserType) {
                              for (ObjectDeltaOperation delta : auditRecord.getDeltas()) {
                                 if ("---RESOURCE_OID---".equals(delta.getResourceOid())) {
                                    for (ItemDelta itemDelta : delta.getObjectDelta().getModifications()){
                                       if (itemDelta.getPath().equivalent(ItemPath.create(UserType.F_ACTIVATION, ActivationType.F_ADMINISTRATIVE_STATUS))){
                                          if (!ret.isEmpty()){
                                             ret = ret + "|";
                                          }
                                          ret = ret + "changeAdminStatR1";
                    
                                       }
                                    }
                                 }
                              }
                           }
                           return ret
                       </code>
                    </script>
                </expression>
            </property>
        </eventRecording>
    </audit>
	...
</systemConfiguration>

Please replace '---RESOURCE_OID---' with oid of your resource. I chose situations are split by '|', but you can use more columns. Now, we need configure object collection for audit records. In object collection for audit events we use sql select command.

Object collection
<objectCollection oid="72b1f98e-f587-4b9f-b92b-72e251dbb277">
    <name>Modification of administrative attribute</name>
    <auditSearch>
        <recordQuery>select * from m_audit_event as aer where aer.eventType=2 and aer.eventStage=1 and aer.custSituation LIKE '%changeAdminStatR1%'</recordQuery>
        <interval>P1D</interval>
    </auditSearch>
</objectCollection>

When we have object collection, then import Dashboard object with widget for our object collection.

Dashboard
<dashboard oid="72b1f98e-f587-4b9f-b92b-72e251da4567">
    <name>changes-of-admin-status-r1</name>
    <display>
        <label>Changes of administrativeStatus(R1)</label>
    </display>
    <widget>
        <identifier>adminstat</identifier>
        <display>
            <label>Changes of administrativeStatus(R1)</label>
            <color>#00a65a</color>
            <icon>
                <cssClass>fa fa-database</cssClass>
            </icon>
        </display>
        <data>
            <sourceType>auditSearch</sourceType>
            <collection>
                <collectionRef oid="72b1f98e-f587-4b9f-b92b-72e251dbb277" type="ObjectCollectionType"/>
            </collection>
        </data>
        <presentation>
            <dataField>
                <fieldType>value</fieldType>
                <expression>
                    <proportional>
                        <style>value-only</style>
                    </proportional>
                </expression>
            </dataField>
            <dataField>
                <fieldType>unit</fieldType>
                <expression>
                    <value>changes</value>
                </expression>
            </dataField>
        </presentation>
    </widget>
</dashboard>

After successful import of dashboard object and reload of page you can see dashboard in menu DashboardsChanges of administrativeStatus(R1).

We want report with table of audit events, so we import dashboard report. 

Report
<report>
    <name>Changes of administrativeStatus(R1) dashboard report</name>
    <reportEngine>dashboard</reportEngine>
    <dashboard>
        <dashboardRef oid="72b1f98e-f587-4b9f-b92b-72e251da4567" type="DashboardType"/>
    </dashboard>
</report>

Now we can run report in report menu, show task, and download report. Every report from dashboard is in HTML format. 

  • No labels