Setting Up Access History Database and Tables
The database for storing Access History data is separate from the IdentityIQ database. The IdentityIQ install and upgrade scripts create separate databases for IdentityIQ and Access History data. The databases can be within the same instance for convenience, but separate database instances are recommended for production environments to avoid an impact on IdentityIQ performance. Depending on your environment setup and on the number of daily changes to your identities, the Access History database can be large, and will continue to grow.
The separate IdentityIQ Access History database is required, even when the Access History feature is disabled or is not being used. See the IdentityIQ Install Guide.
During the initial run, the Dispatch Access History task collects all necessary objects and populates the Access History database tables. This ensures that on a fresh install or upgrade, you start with a complete access history store.
IdentityIQ Access History database includes the following tables:
-
spt_hist_account_capture
-
spt_hist_accounts
-
spt_hist_assigned_roles
-
spt_hist_capability
-
spt_hist_capability_capture
-
spt_hist_certification
-
spt_hist_cert_remediation_capture
-
spt_hist_detected_roles
-
spt_hist_entitlement_capture
-
spt_hist_entitlements
-
spt_hist_identity
-
spt_hist_identity_capture
-
spt_hist_identity_event
-
spt_hist_identity_req_capture
-
spt_hist_identity_req_item_capture
-
spt_hist_mattr
-
spt_hist_mattr_capture
-
spt_hist_mattr_event
-
spt_hist_object_config_capture
-
spt_hist_policy_violation_capture
-
spt_hist_policy_violation_remediation_bundle_ids
-
spt_hist_policy_violation_remediation_capture
-
spt_hist_policy_violation_remediation_entitlements
-
spt_hist_policy_violations
-
spt_hist_role
-
spt_hist_role_capture
-
spt_hist_role_event
-
spt_hist_workgroup
-
spt_hist_workgroup_capture
-
spt_hist_workgroup_event