Identity & Access Management [3] Category
Identity & Access Management (IAM) events relate to the supervision of the system's authentication and access control model. Examples of such events are the success or failure of authentication, granting of authority, password change, entity change, privileged use etc.
| Caption | Name | ID | Description |
|---|---|---|---|
| Account Change [3001] | account_change | 3001 | Account Change events report when specific user account management tasks are performed, such as a user/role being created, changed, deleted, renamed, disabled, enabled, locked out or unlocked. |
| Authentication [3002] | authentication | 3002 | Authentication events report authentication session activities such as user attempts a logon or logoff, successfully or otherwise. |
| Authorize Session [3003] | authorize_session | 3003 | Authorize Session events report privileges or groups assigned to a new user session, usually at login time. |
| Entity Management [3004] | entity_management | 3004 | Entity Management events report activity by a managed client, a micro service, or a user at a management console. The activity can be a create, read, update, and delete operation on a managed entity. |
| User Access Management [3005] | user_access | 3005 | User Access Management events report management updates to a user's privileges. |
| Group Management [3006] | group_management | 3006 | Group Management events report management updates to a group, including updates to membership and permissions. |