Identity Search
Generate searches on specific attributes of the identities in your enterprise. You can use these searches to identify specific risk areas, or to define populations of people from multiple organizations, departments, and locations.
See Identity Search Criteria(LINK IN DOC).
Search results can be saved for reuse or saved as reports. In some cases, you can save your results as populations of identities.
When you save a search as a report, you can schedule the search on an continuous basis for monitoring and tracking purposes.
When you save the search criteria as a population, you can use activity monitoring and statistical reporting of identities that fit that criteria in the same way that you use them for groups.
Use Advanced Search to create detailed, multi-layered filters to identify specific populations of users in your enterprise. To create complex queries into your Identity Cubes, you can create multiple filters and then group and layer them using And / Or operations.
See Using Advanced Search Options(LINK IN DOC).
When a previous search is saved to use later, the Saved Searches section displays at the top of the page. A saved search has the following information:
| Field | Description |
| Saved Searches: | |
| Search Name | The names of past searches that you saved to reuse at a later time. To view the search results page, click the name of the saved search to view the search results page. These Saved Searches are only available for your use. To make identity searches available to users with Report access, save the search as a report. |
| Loaded Saved Search: | |
| The name and description of your current saved query. | |
Identity Search Criteria
The search criteria text fields support partial text strings using a starts-with protocol. For example, if you input "ro" in the Last Name field, the search results include Thomas Rowen and Betty Roberts.
If you want to use a "contains" type of search, so that using "ro" in the Last Name field would include "Brown" as well as "Rowen" and "Roberts," use the Advanced Search option and choose "Is Like" for the search operator. See Using Advanced Search Options(LINK IN DOC).
Your search criteria is used to narrow the search results. If you do not type information in a search criteria field, all possible choices are included. For example, if you do not select an application from the Applications list, all applications are included.
Note
If the Load Saved Search panel displays, the search criteria for that search is loaded on the page. To create a new search click Clear Search.
The search fields are inclusive or "AND" type searches. Only actions matching values specified in all fields are included in the search results. For example, if you search by First Name John and Last Name Doe, the search results include only users with the character string John in their first name and Doe in their last name.
Use the Fields to Display panel on the right to select the identity and risk fields to display on the search results page.
Specify the search criteria and columns to display and click Run Search to display the search results. From the search results page, you can review the results of your search and save the search. See Search Results(LINK IN DOC).
The Identity Search page has the following information:
| Criteria | Description |
|---|---|
| Identity Attributes | Identity attributes are pulled from the identity mapping information that is set during deployment and configuration. You can use full or partial strings in the text fields. Simple text searches use starts with logic; for example, "ro" in the Last Name field returns Roberts and Rowen. To search for results that contain the text string in the field, use the Advanced Search option and choose is like as the Search Type. |
| Searchable Attributes | Searchable Attributes are attributes you created and that are designated as Searchable when an identity is generated during deployment and configuration. For example, Department, Organization, or Location. |
| Last Name | Last name criteria to use in the query. |
| First Name | First name criteria to use in the query. |
| User Name | User name criteria to use in the query. |
| Display Name | The identity name in IdentityIQ. |
| Email address criteria to use in the query. | |
| Manager | Manager criteria to use in the query.\The Identity search results include all users that report to managers that match the criteria in this field. |
| Is Inactive | Select True to include identities currently marked inactive or False to include identities that are currently active in the search results. |
| Is Manager | Select True to include identities that are marked as manager or False to include identities that are not marked as manager in the search results. |
| Type | Employee types include: Employee, Contractor, External Partner, RPA/Bots, Service Accounts |
| Software Version | Only applicable to RPA / Bots Software version associated with the Robotic Process Automation (RPA) / bots. |
| Administrator | Only applicable to RPA / Bots\ |
| The administrator of the Robotic Process Automation (RPA) / bots. | |
| Applications | Select the applications to include in the search. If no applications are specified, all applications are included. Click the arrow to the right of the suggestion field to display a list of all applications or type a few letters in the field to display a list of applications that begin with that letter string. Identities need to match only one of the selected items to be included in the search results |
| Detected Roles | Select the detected roles to include in the search. If no roles are specified, all roles are included.\ |
| Click the arrow to the right of the suggestion field to display a list of all roles or type a few letters in the field to display a list of roles that begin with that letter string. For hierarchical roles, the identity is included in the search results with each role in the hierarchy not only the highest level role. | |
| Instance | The attribute that uniquely identifies a specific subdivision of an application. |
| Assigned Roles | Select the assigned roles to include in the search. If no roles are specified, all roles are included. Click the arrow to the right of the suggestion field to display a list of all roles or type a few letters in the field to display a list of roles that begin with that letter string. For hierarchical roles, the identity is included in the search results with each role in the hierarchy not only the highest level role. |
| Workgroup | Select the workgroups to include in the search. If no workgroups are specified, all workgroups are included. |
| Include Assigned Role Hierarchy | Select to include roles that are inherited from the assigned roles you selected for your search. |
::end-spantable::
Entitlements
| Criteria | Description |
|---|---|
| Entitlement Filters | Select an application, attribute name and entitlement then click Add to filter by your selection. |
| Entitlement Metadata | Filter your search to include identities with entitlements meet specific IdentityIQ-related criteria. |
| Certification | Has uncertified entitlements -- use the dropdown list and select True or False to specify search results that include identities that have uncertified entitlements. Has entitlements pending certification -- use the dropdown list and select True or False to specify search results that include identities that have entitlements with pending certifications. |
| Request | Has entitlements that were not requested -- use the dropdown list and select True or False to specify search results include identities with entitlements that were not requested. Has pending requests for entitlements -- use the dropdown list and select True or False to specify search results that include identities that have entitlements with pending access requests. |
| Other | Aggregation Status -- specify if the search must include identities whose entitlements are associated with applications that are Connected or Disconnected for aggregation. Is Assigned -- use the dropdown list and select True or False to specify search results that include identities with entitlements were assigned and not detected. |
Multi Valued Attributes
| Criteria | Description |
|---|---|
| Multi-Valued Attributes: | By default, IdentityIQ does not come preconfigured with any multi-valued attributes. Multi-valued attributes are created during deployment and configuration. To limit the search, add values associated with a multi-valued attribute. The search results include the member list for the selected values. Use the and / or operator to define the search criteria. For example, for multi-valued identity attributes you can search by cost center or projects that have multiple values on multiple applications. For multi-value account attributes you can use group membership for specific accounts such as payroll or strategy and planning. |
| Certification Score | The sum of compensated risk scores associated with certifications. |
Risk Attributes
Risk scores and compensating factors are defined when IdentityIQ is configured.
| Criteria | Description |
|---|---|
| Composite Score | The total composite risk score for the identity. |
| Role Score | The sum of the compensated risk scores of each role assigned to this identity. To determine the compensated role risk score, compensating factors are applied to the role base risk score. |
| Role Score (Base) | The sum of role base risk scores. This score does not account for the compensating factors defined for role risk scoring. |
| Entitlement Score | The sum of the compensated risk scores of each entitlement assigned to this identity. To determine the compensated role risk score, compensating factors are applied to the entitlement base risk score. |
| Entitlement Score (Base) | The sum of entitlement base risk scores. This score does not account for the compensating factors defined for entitlement risk scoring. |
| Policy Score | The sum of compensated risk scores associated with policy violations as defined when IdentityIQ was configured. Policies do not affect identity risk scores until a violation occurs. |
| Certification Score | The sum of compensated risk scores associated with certifications. |