Issue policies
Definition
Soffid has defined automatic events by default. For each of these events, it is possible to define the tasks to be performed and configure them.
You can find this functionality in the following path: > Administration > Configuration > Security settings > Issue policies
The default events are the following;
| Issue Type | Description | Available |
| disconnected-system | The Sync Server detects that some target system is offline. | Coming soon Soffid 3.5.0 |
| duplicated-user | The system detects that there are duplicate users, or when the task is generated from the user management. | Soffid 3.5.0 - beta |
| global-failed-login | The number of session start failures exceeds the threshold of 0.8. | Coming soon Soffid 3.5.0 |
| integration-errors | The number of errors in an agent's queue is increased. | Coming soon Soffid 3.5.0 |
| locked-account | An account has been blocked for exceeding the maximum number of login attempts. | Soffid 3.5.0 - beta |
| login-different-country | Soffid detects a new login from a different country. | Coming soon Soffid 3.5.0 |
| login-from-new-device | Soffid detects a new login from a new device. | Coming soon Soffid 3.5.0 |
| login-not-recognized | Soffid detects a login not recognized | Coming soon Soffid 3.5.0 |
| otp-failures | An OTP is blocked for exceeding number of attempts. | Coming soon Soffid 3.5.0 |
| pam-violation | Any of the rules of the PAM are violated. | Coming soon Soffid 3.5.0 |
| permissions-granted | When it is detected that permissions have been given to a user on the end-system | Coming soon Soffid 3.5.0 |
| risk-increase | The risk level of a user is increased. | Coming soon Soffid 3.5.0 |
| It is detected that someone who has not passed the CAPTCHA is trying to log in to the IdP. | Coming soon Soffid 3.5.0 | |
| security-exception | Unauthorized access to the console via WS or admin console occurs. | Coming soon Soffid 3.5.0 |
Screen Overview
Related Objects
Standard attributes
- Issue type: by default, some issues type are defined in Soffid Console.
- Description: a brief description of the issue.
- Response:
IgnoreIgnore.RecordRecord.ManageManage.
- Assigned role:
- Actions list: list of actions to be taken when this issue occurs. You can choose one or more
actionactions from the list and configure them:- Issue status: it is used to determine the point when the action will be launched.
- New.
- Acknowledged.
- Solved.
- Solved - Not a duplicate.
- Actions:
- Notify affected user: allows you to configure an email that will be sent to the affected users.
- Send custom email: allows you to configure a custom email that will be sent to specific users.
- Run script: allows you to type a script that will be performed
- Look affected accounts: allows you to configure an email that will be sent to the owner user.
- Look affected host.
- Notify issue owner by email.
- Acknowledge.
- Start new process.: allows you to configure the workflow that will be run.
- Description: a brief action description.
- Issue status: it is used to determine the point when the action will be launched.
Actions
Issue policies query action
| Download CSV file | Allows you to download a CSV file with the issue policies data. |
Issue policy detail
| Add new |
Allows you to add a new action to the issue policy. You can choose the action from the action list. Depending on the selected action, you must fill in different information. Once the information will be filled in, you need to close the window and Apply the changes. |
| Delete |
Allows you to delete one or more actions from the actions list. &&TODO&& |
| Apply changes | Allows you to update the changes made to the issue policy. |
| Undo | Allows you to quit without applying any changes. |