title: Lifecycle Events - Monitoring & History category: Lifecycle Management tags: lifecycle, events, monitoring, history, audit priority: Normal
Lifecycle Events - Monitoring & History
Every lifecycle template execution in IdentityCenter generates a lifecycle event -- a detailed, immutable record of what happened, when, to whom, and by what trigger. The Lifecycle Events page provides operational visibility into your JML automation and serves as the primary audit trail for compliance reporting.
Accessing Lifecycle Events
Navigate to Administration > Lifecycle Management > Events (/admin/lifecycle/events) to view the lifecycle events dashboard. This page displays all lifecycle events across your organization, with filtering, sorting, and drill-down capabilities.
Event Structure
Each lifecycle event contains the following information:
| Field | Description | Example |
|---|---|---|
| Event ID | Unique identifier | EVT-2026-00142 |
| Event Type | Joiner, Mover, or Leaver | Joiner |
| Identity | The target identity | John Smith (jsmith) |
| Template | Which template was executed | "Standard Employee Onboarding" |
| Trigger | What initiated the event | HR Feed, Manual, Schedule |
| Triggered By | User or system that initiated | "HR Import Service" or "admin@corp.com" |
| Status | Current event status | Completed |
| Started | Timestamp of execution start | 2026-02-20 08:15:32 UTC |
| Completed | Timestamp of execution end | 2026-02-20 08:15:45 UTC |
| Duration | Total execution time | 13 seconds |
| Actions | Number of actions executed | 5 of 5 |
Event Statuses
| Status | Icon | Description | Admin Action |
|---|---|---|---|
| Pending | Clock | Event is queued but not yet executing | Wait or cancel |
| InProgress | Spinner | Event is currently executing actions | Monitor |
| Completed | Checkmark | All actions executed successfully | None required |
| CompletedWithWarnings | Warning | All actions executed but some had warnings | Review warnings |
| Failed | Error | One or more actions failed | Diagnose and retry |
| Cancelled | Cancel | Event was cancelled before completion | Review reason |
| Retrying | Retry | A failed action is being retried | Monitor |
Filtering Events
The events page provides several filtering options to locate specific events:
Filter by Type
| Filter | Shows |
|---|---|
| All | All lifecycle events |
| Joiners | Only Joiner events (new identity provisioning) |
| Movers | Only Mover events (role/department changes) |
| Leavers | Only Leaver events (offboarding) |
Filter by Status
Select one or more statuses to narrow results. Common filter combinations:
- Failed only -- Focus on events needing attention
- Pending + InProgress -- Monitor currently active events
- Completed -- Review successful executions for audit
Filter by Date Range
| Preset | Range |
|---|---|
| Today | Events from the current day |
| Last 7 Days | Events from the past week |
| Last 30 Days | Events from the past month |
| Custom | Specify start and end dates |
Filter by Identity
Search for events related to a specific identity by name, username, or employee ID.
Filter by Template
Select a specific template to see all events it has generated.
Event Detail View
Clicking on an event opens the detail view, which shows the complete execution log:
Action Execution Log
Each action within the event is recorded with:
| Field | Description | Example |
|---|---|---|
| Action | The action type | CreateAccount |
| Sequence | Execution order | 1 of 5 |
| Status | Action-level status | Completed |
| Started | Action start timestamp | 08:15:32.100 |
| Duration | How long the action took | 2.3 seconds |
| Details | Action-specific output | "Created account jsmith in OU=Users" |
| Error | Error message if failed | null |
Before/After Comparison
For Mover events, the detail view shows a before-and-after comparison of changed attributes:
| Attribute | Previous Value | New Value |
|---|---|---|
| Department | Engineering | Sales |
| Manager | CN=Jane Doe | CN=Bob Wilson |
| Title | Software Engineer | Sales Engineer |
| OU | OU=Engineering | OU=Sales |
Group Membership Changes
For events that modify group memberships, a dedicated section lists:
- Groups Added -- All groups the identity was added to
- Groups Removed -- All groups the identity was removed from
- Groups Unchanged -- Groups that were not affected (e.g., exclusion list)
Error Diagnostics
When an event fails, the detail view provides diagnostic information:
Common Failure Reasons
| Error | Cause | Resolution |
|---|---|---|
| Connection Unavailable | Target directory is unreachable | Check connection status and network |
| Insufficient Permissions | Service account lacks required rights | Verify service account permissions |
| Object Not Found | Target identity does not exist in directory | Verify identity mapping and sync status |
| OU Does Not Exist | Target OU path is invalid | Create the OU or update the template |
| Group Not Found | Specified group does not exist | Verify group name and connection |
| Username Collision | Generated username already exists | Check username format and collision handling |
| Attribute Validation | Invalid attribute value | Review attribute format requirements |
| Timeout | Action exceeded time limit | Check directory performance and network latency |
Error Details
Each failed action includes:
- Error Code -- Machine-readable error identifier
- Error Message -- Human-readable description
- Stack Trace -- Technical details for advanced troubleshooting
- Timestamp -- Exact time of failure
- Attempted Parameters -- The values that were used in the failed action
Retrying Failed Events
Failed events can be retried from the detail view:
- Open the failed event
- Review the error diagnostics
- Resolve the underlying issue (e.g., fix a connection, create a missing OU)
- Click Retry Failed Actions
The retry operation:
- Re-executes only the actions that failed
- Preserves the original event record and appends retry information
- Updates the event status upon successful retry
- Creates a new audit log entry for the retry attempt
Tip: You can also retry multiple failed events in bulk from the events list by selecting them and choosing Retry Selected.
Audit Trail for Compliance
Lifecycle events form a comprehensive audit trail that supports compliance requirements:
What is Recorded
- Who or what triggered the event (user, HR feed, schedule)
- When each action was executed (millisecond precision)
- What changes were made (before/after values)
- Whether each action succeeded or failed
- Who retried failed actions and when
Compliance Reporting
Use the events page to generate compliance evidence:
| Requirement | How Events Help |
|---|---|
| SOX | Prove timely access revocation for terminated employees |
| HIPAA | Demonstrate access provisioning follows role-based policies |
| GDPR | Show data access was revoked upon employee departure |
| ISO 27001 | Evidence of documented JML processes and execution |
| SOC 2 | Audit trail of all identity provisioning changes |
Exporting Events
Events can be exported for external audit tools or long-term archival:
| Format | Use Case |
|---|---|
| CSV | Spreadsheet analysis, custom reporting |
| Formal audit documentation | |
| JSON | Integration with SIEM or GRC platforms |
Monitoring Best Practices
- Check failed events daily -- Set up a morning review routine for the previous day's failures
- Configure email alerts for failed Leaver events, as these represent the highest security risk
- Review Pending events -- Events stuck in Pending status may indicate a scheduling or trigger issue
- Track event volume trends -- Sudden spikes may indicate data quality problems in HR feeds
- Archive events periodically -- Export and archive events older than your retention period
- Use the dashboard widgets on the main Lifecycle page for at-a-glance status
- Investigate CompletedWithWarnings events -- warnings may indicate non-critical issues that could become failures
Event Retention
| Setting | Default | Configurable |
|---|---|---|
| Event retention period | 365 days | Yes |
| Detailed log retention | 90 days | Yes |
| Archive on deletion | Yes | Yes |
Events past the retention period are automatically archived (if configured) and then removed from the active database.
Next Steps
- Lifecycle Management Overview -- Return to the lifecycle overview
- Joiner Templates -- Configure onboarding automation
- Mover Templates -- Configure transfer automation
- Leaver Templates -- Configure offboarding automation
- HR Integration Overview -- Set up the HR feed that triggers lifecycle events
- Dashboard & Reporting -- View lifecycle metrics on the admin dashboard