/
SailPoint IdentityNow collector
Document toolboxDocument toolbox

SailPoint IdentityNow collector

Owned by Former user (Deleted)
Last updated: May 01, 2025 by Pulkit Vajpayee
[ 1 Overview ] [ 2 Devo collector features ] [ 3 Data sources ] [ 4 Flattening preprocessing ] [ 5 Accepted authentication methods ] [ 6 Minimum configuration required for basic pulling ] [ 7 Buffer Time Usage in Collector ] [ 8 Vendor setup ] [ 9 Run the collector ] [ 10 Collector services detail ] [ 11 Collector operations ] [ 12 Change log for v1.x.x ]

Overview

SailPoint IdentityNow is an identity management solution that helps organizations manage employees' permission, digital identities, information security, data access compliance, and more on a unified portal.

Devo collector features

Feature

Details

Feature

Details

Allow parallel downloading (multipod)

Not allowed

Running environments

Collector server

On-premise

Populated Devo events

Table

Flattening preprocessing

Yes

Data sources

Data Source

Description

API Endpoint

Collector service name

Devo Table

Available from release

Data Source

Description

API Endpoint

Collector service name

Devo Table

Available from release

Account activities

Account activities entries

/v3/account-activities

account_activities

iam.sailpoint.identitynow.account_activity

v1.0.0

Events

Event related to management console

/v3/search

events

iam.sailpoint.identitynow.event

v1.0.0

For more information on how the events are parsed, visit our page.

Flattening preprocessing

Data source

Collector service

Optional

Flattening details

Data source

Collector service

Optional

Flattening details

Account activities

account_activities

No

Account activities are flattened on the items list. 

Accepted authentication methods

Authentication method

Client ID

Secret

OAuth

Required

Required

Minimum configuration required for basic pulling

Although this collector supports advanced configuration, the fields required to retrieve data with basic configuration are defined below.

This minimum configuration refers exclusively to those specific parameters of this integration. There are more required parameters related to the generic behavior of the collector. Check setting sections for details.

Setting

Details

Setting

Details

base_url

Base URL for SailPoint instance.

client_id

The client_id obtained from SailPoint for authentication.

client_secret

The client_secret obtained from SailPoint for authentication

See the Accepted authentication methods section to verify what settings are required based on the desired authentication method.

Buffer Time Usage in Collector

The collector is configured to use a 10-minute buffer time when fetching data. This is necessary because the API does not return incoming data in real time — there is a slight delay before the data becomes available through the API.

If we attempt to fetch data for the most recent 1-minute window, some logs may be missing due to this delay. To ensure data completeness and reliability, the collector instead fetches data that is at least 10 minutes old and sends that data to Devo.

Vendor setup

There are some requirements to run this collector. In order to retrieve the data, you must configure a Client_ID and Client Secret for API access to the SailPoint IdentityNow Portal. Follow these steps to obtain an access token:

Run the collector

Once the data source is configured, you can either send us the required information if you want us to host and manage the collector for you (Cloud collector), or deploy and host the collector in your own machine using a Docker image (On-premise collector).

Collector services detail

This section is intended to explain how to proceed with specific actions for services.

Account activities

Events service

Collector operations

This section is intended to explain how to proceed with the specific operations of this collector.

Change log for v1.x.x

Release

Released on

Release type

Details

Recommendations

Release

Released on

Release type

Details

Recommendations

v1.1.0

Apr 30, 2025

Fixed

Fixed

  • Fixed issue with missing logs.

Recommended Version

v1.1.0

Apr 24, 2025

Fixed
improvement

Fixed

  • Fixed issue with status code error.

Improvements

  • DCSDK update from 1.8.0 to 1.15.0:

    • Changed log level to some messages from info to debug

    • Changed some wrong log messages

    • Upgraded some internal dependencies

    • Changed queue passed to setup instance constructor

    • Ability to validate collector setup and exit without pulling any data

    • Ability to store in the persistence the messages that couldn't be sent after the collector stopped

    • Ability to send messages from the persistence when the collector starts and before the puller begins working

    • Ensure special characters are properly sent to the platform

    • Fixed some bug related to development on MacOS

    • Added an extra validation and fix when the DCSDK receives a wrong timestamp format

    • Added an optional config property for use the Syslog timestamp format in a strict way

    • Fix for SyslogSender related to UTF-8

    • Enhace of troubleshooting. Trace Standardization, Some traces has been introduced

    • Introduced a mechanism to detect "Out of Memory killer" situation

    • Added new sender for relay in house + TLS

    • Added persistence functionality for gzip sending buffer

    • Added Automatic activation of gzip sending

    • Improved behaviour when persistence fails

    • Upgraded DevoSDK dependency

    • Fixed console log encoding

    • Restructured python classes

    • Improved behavior with non-utf8 characters

    • Decreased defaut size value for internal queues (Redis limitation, from 1GiB to 256MiB)

    • New persistence format/structure (compression in some cases)

    • Removed dmesg execution (It was invalid for docker execution)

    • DevoSDK has been updated to version 5.4.0

    • Change internal queue management for protecting against OOMK

    • Extracted ModuleThread structure from PullerAbstract

    • Improve Controlled stop when both processes fails to instantiate

    • Improve Controlled stop when InputProcess is killed

    • Bug related to lost of collector_name , collector_id and job_id

    • Fixed error related a ValueError exception not well controlled

    • Differentiated error codes for SdkPersistenceServiceError.

    • Use of DOCKER_IMAGE environment variable to show docker_image property.

    • Now the property service_thread_execution_periods_in_seconds in collector_definition.yaml is optional.

    • Reduced Redis connections per collector to 2.

    • Implemented a mechanism to control if the certificates have expired.

    • Fixed CVE-2024-12797 vulnerability in cryptography library (updated from version 44.0.0 to 44.0.1).

  • Upgraded dcsdk-docker-base-image to 1.4.1

Update

v1.0.0

Feb 24, 2023

NEW FEATURE

Released the first version of SailPoint IdentityNow.
New features:

  • Account activities: Account activities entries.

  • Events: Event related to management console.

Update