Testing Rules
In many cases, rules need input. That is, the rules need instances of objects, meaning that live data is the best test environment. However, taking instances of objects is not always possible and could cause problems with the actual data. For example, if a mistake is made in a correlation rule, application accounts could be correlated to the wrong identities or remain uncorrelated.
SailPoint recommends separating development, testing, and production environments. Creating a "sandbox" with its own sample data is a recommended practice that allows for testing rules under realistic conditions with minimal risk to live data.
For debugging purposes, it can be useful to insert println
statements in your rules' BeanShell code. Be sure to comment out or delete any println
statements before making the rule live in a production environment.