on 07-05-2015 1:49 PM
Greetings,
In the version 5.3 we had four different types of rules viz.
1. Action rules
2. Permission rules
3. Critical Action rules
4. Critical Permission rules.
In the GRC 10.x version I understand that Action and Critical Action rules are stored in table GRACACTRULE but I'm not able to find any information pertaining to Permission and Critical Permission rules. Do we have these rules in GRC 10.x version at all. May be I'm missing something very basic but I'd be grateful if someone can throw some light on this.
Thanks, Janantik
Hi Janantik,
All four types of rules still exist in GRC and you can define them in the same way as you used to do it in earlier versions by defining below risk types
1. SOD Risks
2. Critical Action Risks
3. Critical Permission Risks
Only thing i have observed is SAP removed Permission Rules table as that table holds huge data based on different permutations and combinations and hence it is being calculated at runtime, but still risk analysis will work in the same way for Action Level, Permission Level, Critical action and Critical Permission rules.
If you want to see Permission rules you can use Access Rule Detail Report under Reports and Analytics tab
Let us know if you still have any queries.
Regards,
Madhu.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Madhu,
Thanks for your response.
I'm wondering that these permutation and combination as you have described which leads to rule ID must be stored somewhere. Although it's huge data it's got to be stored in some table. I tried looking up but like you have mentioned I could not find any table.
We are doing a migration from 5.3 to 10.1 and as part of Rule set validation we wanted to run a quick vlookup query to ensure all the rules have been generated appropriately. But I could not find any table in 10.1 that stores the permission rules and wanted to seek expert's advise.
Thanks, Janantik.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.