Information Technology Blog

If the audit is running, it is possible to print or purge the audit files. Also, the integrity of the audit files can be checked. At least one user, preferably the administrator, must be authorized to perform these actions.

Only the root user is able to grant the authorizations to the user

Sessions and authorizations for audit management

The authorization type is a set, so you can combine those things:

None
All
Print
Delete
Maintain

Authorizations can be set in a couple of different ways:

All
Specified
Range

Related to:

Package
Module
Table
Company

There are different security levels such as print, maintain, delete, and all. These security levels are granted to user for packages, modules, tables, and companies. For security reasons, it is not advised to grant audit authorizations to normal users.

Audit Files

We distinguish two different kinds of audit files. Per audited Table there is:

 Information File

 Sequence File

The sequence file contains the Transaction Data like User, Session, Date and Time and the Record Images, and so on.

The Information file contains General information called the Information Header and Sequence File specific information called Sequence Header.

Information Header

Table and Company
Status Reuse
From Sequence
To Sequence
Current Sequence
Maximum File Size

Sequence Header

Sequence Number
Creation Date and Time
Termination Date and Time
Status of Termination

Settings

There are files on the Operating System level containing information about how Audit Management is used.

The most important ones are:

${BSE}/lib/tabledef6.1
${BSE}/lib/auditdef6.1

Some sessions that have their impact on these files are Maintain Database Definitions, Assign Tables to Databases, and Maintain Audit File Directories. Of course, you need to run a conversion to Runtime DD

Audit Management, which is used in relation with Databases to record the changes that were made in the data.

Using Audit Management
Audit management is used to track the changes to an existing application or company table. The audit data is stored in the files of a database independent format and can be printed per date and time, per session, or per user. The audit files are created and maintained by a UNIX process that communicates with the bshell. This process is called the audit server.
For parameter tables within BAAN Software, Audit Management is mandatory to use. For other tables it is optional. It is supposed to be for critical data.

Keep track of all commands which affects the table data (Insert / Update / Delete)
Mandatory for Parameter Tables
Optional for other Tables

The Implementation of Audit Management

The procedure begins with defining, for each table field, whether or not an audit trail is allowed. Next, the audit trail field of the database definition is set to yes and the location of the audit files is defined. Then, the default audit file parameters are specified in the ${BSE}/lib/audit_spec file and various security levels are assigned to all users. If desired, the parameters of the audit files of particular tables can be changed afterwards.

As a result of this procedure, the changes made to several BAAN IV tables can be tracked. It is also possible to print the audit data.

Print Range of Audit Files