10.0 Querying and Reporting

After you integrate Identity Manager with NetIQ Sentinel, you can log system information to a central data store. However, logging information is only half the battle. Obviously, you have to be able to access and understand your log data for the information to be useful. Queries and reports allow you to view and interpret the information in your data store.

The Identity Manager Collector provides a number of Crystal Decisions reports (*.rpt) that simplify gathering information on common operations performed in Identity Manager. The term “reports” refers specifically to Crystal Decisions report template files (*.rpt). Crystal Decisions reports graphically summarize specific sets of log data in pie charts, bar charts, and so forth. These reports are included with the current version of the Identity Manager Collector, which can be downloaded from, Sentinel Connectors Web site.

NetIQ Sentinel is integrated with Crystal Reports to generate and display reports. To run the report templates, you must first configure the location of the Crystal Enterprise Server that publishes reports in the General Options window of the Admin page.

  1. In the Sentinel Control Center, select the Admin tab, then select the Reporting Configuration option in the Navigator pane.

    Reporting Configuration option under the Admin tab

  2. Specify the location of the Crystal Enterprise server, then click Save.

    Specifying the location of the Crystal Enterprise server

After NetIQ Sentinel is configured to access the Crystal Enterprise server, the Analysis page allows administrators to run historical reports. Vulnerability reports are available from the Advisor page. These reports are published on a Web server, they run directly against the database, and they then appear on the Analysis and Advisor tabs under the Navigator pane.

The reports are updated regularly. The following is a list of the categories of reports that are available:

  • Collector Pack Controls: Contains reports about the Collector Pack setup, dashboard status, and implementation of audit trails.

  • Collector Controls: Contains reports about event trends and Collector management.

  • Account Management Controls: Contains reports about user account provisioning, user account management, account access management, and user password management.

  • Trust Management Controls: Contains reports about trust provisioning, trust management, and trust access management.

  • Object Management Controls: Contains reports about object provisioning and object management.

  • Authentication Controls: Contains reports about authentication by servers and users.

  • Workflow Management: Contains reports that monitor workflows and the resources requested in the workflows.

For more information on running reports in NetIQ Sentinel, see the “Analysis Tab” and “Advisor Usage and Maintenance” sections in the NetIQ Sentinel User’s Guide.