How the audit log works in a replicated database

If required you can choose to replicate the audit log to maintain an audit trail that covers all sites. Typically, the audit level is set to the same value in all the replicated databases. You must set the audit level to 4 or 5 if you want to include actions that relate to the Conflict Viewer.

The main consideration for the audit log when you set up iBase database replication is the method of identifying the site at which a specific change was made. Depending on your organization, you might obtain this information from:

  • User names that contain a site identifier

  • Locations that are associated with the user

  • Network logins

The origin of a record that is entered after replication was configured in SQL Server (but not of any updates to it) can be determined from its record ID, which always contains a database identifier.

Using the audit log

When you view the records in the audit log, you see the actions taken in each replicated database. To restrict the actions to a specific site, you need to filter the audit log.

There are actions specific to iBase database replication to cover resolving conflicts in the database, and in the security file. These actions are used when the audit level is set to 4 or above.

Archived audit log files are not replicated.

Note: The dates and times that are recorded in the audit log are for the server on which the user was working.

Note: If Audit History is turned on, then the audit history will also log changes made by the Conflict Viewer if there is a data conflict.

Filtering the audit log

There are various ways of filtering the audit log to view activity for a specific site.

Filter by user name

In a replicated iBase system, each user must have a unique user name (so there can be no confusion about who worked on which record). This allows you to list the records worked on by a single user regardless of the server they log on to.

Optionally, each user name might contain an element to identify the site at which the user works, and this can be a useful way of filtering the audit log by site.

Filter by network Login

The audit log records the server and network login name of the user who performed the action. This may be a useful way of determining the location of the user if users can only connect to a database on one server.

Filter by location

Locations are optional. A location is associated with a user name and records something extra about the user, such as:

  • The site they work at

  • The division or business unit they work in

  • Their area of responsibility

If you want the capability to filter by location, then all user accounts should have a location and the location names must be consistent.

Choosing not to replicate the audit log

If you choose not to replicate the audit log, then actions are still logged as usual but the audit log only records actions local to the replicated database or security file. Other sites might not be able to view this information or easily compare it with actions recorded in other audit logs.

For more information, see When to replicate the audit log.