[midPoint] Send policy violation info to external system
Radovan Semancik
radovan.semancik at evolveum.com
Thu Sep 10 10:48:46 CEST 2015
Hi Alexander,
Currently there is no easy off-the-shelf way to do this. But you
have several options:
1) Use model clockwork hooks:
https://wiki.evolveum.com/display/midPoint/Hooks
The hooks are invoked for all create/modify/delete actions that midPoint
does. The hooks are currently used to integrate workflow, send
notifications, etc. This might be a good place to implement ITSM system.
2) Use synchronization reactions. Currently there are several "built-in"
reactions such as addFocus, deleteProjection, etc. But internally the
reactions are pluggable and you can write your own plug-in. The plug-in
can detect rough-grained policy violations (e.g. illegal accounts).
3) Simple ITSM integration may perhaps be done by using the audit subsystem.
Audit implementations are also pluggable and you can write your own
implementation that will send the events to ITSMS.
4) We might cooperate on this. Integration of IDM and ITSM/SIEM seems to
be an interesting topic. If you are willing to contribute the code or if
you have some financial incentive to help fund this branch of
development I'm sure we can find a way to cooperate. The options are
described here:
https://wiki.evolveum.com/display/midPoint/I+Need+New+Feature
--
Radovan Semancik
Software Architect
evolveum.com
On 09/09/2015 02:22 PM, Alexander Omelchenko wrote:
> I’m working on integration of MidPoint with ITSM system. I need to
> create new incident in ITSMS when there is policy violation with user
> account in some resource.
> Is there any way to do this while there is no mark enforcement policy
> implemented?