topic Re: Identity Collector exclusion of Service Accounts and Management Server logs in Firewall and Security Management

Identity Collector exclusion of Service Accounts and Management Server logs

kadar2 — Mon, 21 Sep 2020 07:32:39 GMT

Hello all,

I have added a service account to the exclusion filter in the identity collector. The service account is no longer seen when issuing the command "pdp idc service_accounts" on the relevant gateways.

I still see Log In/Log Out events for this account in the identity logging of the Management Servers. I was under the impression that no logs for this account should appear after the exclusion.

I am missing something or is this the correct behavior?

Thanks in advance,

Re: Identity Collector exclusion of Service Accounts and Management Server logs

PhoneBoy — Wed, 23 Sep 2020 08:25:06 GMT

The main thing that exclusions do is prevent the relevant accounts from turning into sessions in the pdp.
Makes sense that you may still see logs from those users.

Re: Identity Collector exclusion of Service Accounts and Management Server logs

kadar2 — Wed, 23 Sep 2020 10:00:46 GMT

That's fine by me! I was just wondering because I do not see any logs from other users who have been excluded from the Identity Collectors.