Privileged Access Campaign

mgra
New Contributor III

I have a use case that will only include the Applications that are PAM enabled to be part of the Campaign.

Is it possible to just filter an endpoint using the PAM_STATE in the query instead of the ep.id?

 

3 REPLIES

rushikeshvartak
All-Star

Yes, you can use any other endpoint attributes from the endpoints tables.


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

dgandhi
All-Star

Hi @mgra 

You can design the use case like below:

1. Identify all the endpoints (applications) which are PAM enabled.
2. Once you identify the endpoints, choose one of the CPs of the endpoint to store a value like 'PAMEnabled'.
3. Once all the endpoints are marked, you should be good to start the certification.
4. In the campaign config, add the below query in the Application filter:
and ep.customproperty8 like 'PAMEnabled'

Assuming that CP8 of the endpoint is storing the required information.

Thanks

Thanks,
Devang Gandhi
If this reply answered your question, please Accept As Solution and give Kudos to help others who may have a similar problem.

sk
All-Star

@mgra: PAM_STATE comes from a different table, so if you have to use it then you have to use a subquery. But looking at the application field in certification, you may need to build an HQL query.

I personally tried the below queries, but they were giving a syntax error:

and ep.id in (select e.endpointkey.id from endpoints_properties e where e.PAM_STATE='ENABLED')

and ep.id in (select e.endpointkey from endpoints_properties e where e.PAM_STATE='ENABLED')

Not sure if there is an issue with the HQL query I tried or if the field itself is not accepting a subquery. But the same format worked in other parameters.

As a workaround, you can use endpoint customproperty43 (this is the default attribute; if you changed the attribute to something else in PAM_CONFIG, use that accordingly) to differentiate PAM_ENABLED endpoints from regular ones, where you will populate the visibility control analytics name for all PAM endpoints. Let's say you have used the analytics PAMDefaultUserAccountAccessControl for this purpose; then you can build the logic as below:

and ep.customproperty43 in ('PAMDefaultUserAccountAccessControl')

Otherwise you can also follow the steps mentioned by @dgandhi 

 


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.
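
An added example, not part of any reply above and not Saviynt code: because the custom-property workaround relies on a manually maintained flag, a PAM-enabled endpoint that was never flagged silently drops out of the campaign scope. The sketch below reconciles the flag against PAM_STATE using constructed SQLite stand-in tables; the table layout, the `endpointname` column and the sample rows are assumptions, and only `endpointkey`, `customproperty8` and `PAM_STATE` come from the thread.

```python
import sqlite3

# Constructed stand-in tables (assumption): only endpointkey, customproperty8
# and PAM_STATE are taken from the thread; endpointname is hypothetical.
SCHEMA = """
CREATE TABLE endpoints (endpointkey INTEGER PRIMARY KEY, endpointname TEXT,
                        customproperty8 TEXT);
CREATE TABLE endpoints_properties (endpointkey INTEGER, PAM_STATE TEXT);
"""

# Constructed sample data: OracleDB is PAM enabled but was never flagged,
# LegacyFTP is still flagged although PAM has been disabled.
SAMPLE_ENDPOINTS = [(1, "LinuxProd", "PAMEnabled"), (2, "HRApp", None),
                    (3, "OracleDB", None), (4, "LegacyFTP", "PAMEnabled")]
SAMPLE_PROPERTIES = [(1, "ENABLED"), (3, "ENABLED"), (4, "DISABLED")]

# Return every endpoint where the manual flag and PAM_STATE disagree.
# missing_flag: PAM enabled but excluded by the campaign filter.
# stale_flag:   included by the campaign filter but no longer PAM enabled.
DRIFT_SQL = """
SELECT ep.endpointname,
       CASE WHEN p.PAM_STATE = 'ENABLED' THEN 'missing_flag'
            ELSE 'stale_flag' END AS problem
FROM endpoints ep
LEFT JOIN endpoints_properties p ON p.endpointkey = ep.endpointkey
WHERE (COALESCE(p.PAM_STATE, '') = 'ENABLED')
   <> (COALESCE(ep.customproperty8, '') LIKE 'PAMEnabled')
ORDER BY ep.endpointname
"""


def find_scope_drift(endpoints=SAMPLE_ENDPOINTS, properties=SAMPLE_PROPERTIES):
    """Load the rows into an in-memory database and list flag/state mismatches."""
    con = sqlite3.connect(":memory:")
    try:
        con.executescript(SCHEMA)
        con.executemany("INSERT INTO endpoints VALUES (?, ?, ?)", endpoints)
        con.executemany("INSERT INTO endpoints_properties VALUES (?, ?)", properties)
        return con.execute(DRIFT_SQL).fetchall()
    finally:
        con.close()


if __name__ == "__main__":
    for name, problem in find_scope_drift():
        print(f"{name}: {problem}")
```

An empty result means the flag-based Application filter selects the same endpoints that PAM_STATE marks as enabled.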