Question

Group / / Role / Permission Addition & Removal Audit Trail


Currently SAML is enabled and admin roles are granted to users via groups. Is there a way to determine:

  • When the user is added to the group? 
  • When the permissions are added to the user?

Thank you.


This topic has been closed for comments

3 replies

Userlevel 2

Hi @leobardor

 

First, thank you. I wasn’t expecting anyone to answer.

 

Follow-up: This only shows the last change. Are we able to see the history for a specific role or all the roles associated to the user?

Hi Kaliew

 

As far I know, there is no history of this kind of actions.

 

 

Are you using the “mirror groups” SAML feature?

https://docs.looker.com/admin-options/security/saml-auth#:~:text=Mirroring%20SAML%20groups%20lets%20you,as%20Looker%2C%20in%20one%20place.

If so, perhaps you will be able to get this information outside looker.

 

Hope it helps!

Best,

Leo

Hi @leobardor

 

First, thank you. I wasn’t expecting anyone to answer.

 

Follow-up: This only shows the last change. Are we able to see the history for a specific role or all the roles associated to the user?

Userlevel 2

Hi Kaliew!

 

I would like to share one  URL “explore” of the looker system activity feature I think it can help:

 

https://yourlookerinstanceURL.looker.com/explore/system__activity/user?fields=user.id,user.name,user.created_date,user_facts.last_ui_login_date,user_facts.last_ui_login_credential_type,history.most_recent_query_date&f[user.is_disabled]=No&sorts=history.most_recent_query_date&limit=500

 

For instance:

 

 

Hope it helps!

Best,

Leo