Kbase P126937: Does Progress offer Auditing capabilities.
| Autor |
Progress Software Corporation - Progress |
| Acesso |
Público |
| Publicação |
30/12/2008 |
|
Status: Verified
GOAL:
Is there a way to audit events that occur on a database.
GOAL:
What are the features included with Auditing?
FACT(s) (Environment):
OpenEdge 10.1x
FIX:
Auditing
OpenEdge Release 10.1A introduces a new core business service?auditing. Auditing features
allow you to do the following:
? Audit database create, update, and delete events without using schema triggers.
? Audit internal events such as schema changes, audit policy changes, database connections,
authentication (login, logout), or archiving.
? Audit application-defined events, typically for events with no corresponding database
operation.
? Use a common auditing approach for Progress 4GL, SQL, and database utilities.
? Securely create and manage highly configurable audit policies that can be aggregated at
run time and deployed.
? Leverage Audit Policy Maintenance, which is a new audit policy tool, and/or write your
own utility using open API.
? Support nonrepudiation of audit data by physically preventing updates and sealing audit
data to prevent tampering both inside and outside an OpenEdge RDBMS.
? Create separation of audit administration duties by setting up appropriate privileges.
? Deny blank user ID access to the OpenEdge RDBMS.
? Separate audit security to restrict who has access to the audit data records and who can
archive, load, and remove them.
? Assert the user ID to use for auditing from external authentication systems (not dependent
on _User).
? Enable optional run-time checking of OpenEdge RDBMS table and field permissions