adhilto
commented
7 months ago One potential long-term fix: create a config file and allow the top-level OU to be specified there.
Open amart241 opened 8 months ago
adhilto
commented
7 months ago One potential long-term fix: create a config file and allow the top-level OU to be specified there.
If a GWS organization only has 1 existing organizational unit (OU) but has created other organizational units in the past then we are unable to grab the root Organizational unit name/ID.
Which means the rego can't filter out deleted OUs logs because we don't have the root OU name.
I hope this is not a common occurrence among existing GWS organizations. Simple fix is to tell the organization to create at least one OU and our current filter will work. Unsure if there is a long term fix somewhere.