Viewing audit logs
You can use the Audit Viewer to view the audit entries for a database that has already been configured for auditing. The physical form and location of logs is different for security files and database files. In addition different options are available for Microsoft Access databases, and SQL Server databases.
- Some users generate restricted audit log entries that you need the Audit Administrator role to view.
- Some audit log entries are hidden if SC codes are used (you can only view the entries for records that match your security classification).
- Security file logs record the opening of databases, failed logon attempts, and a range of administrative actions such as creating templates, and managing users and groups.
- Database logs record all the requested actions within databases, and the closing of databases. Actions are recorded regardless of origin: users can request database actions from i2 iBase Designer, i2 iBase, i2 Analyst’s Notebook, or third party mapping applications. You can inspect logs for several databases provided that those databases are managed through the same security file.
- Failed logons.
- Microsoft Access to databases by unexpected users or at unusual times.
- Use of commands that send data outside of iBase: to a printer, to a file, or to an external application such as Analyst’s Notebook or a mapping application.
- History of changes to single iBase entity or link records and who made them (if you log historical information).
- Journal Entries detailing the specific comments of an individual user.
As audit logs are potentially very large files, which the viewer displays as a grid of rows and columns, where each row represents an action on a database or security file and each column provides a different piece of information about an action. Much of Audit Viewer is designed to provide ways to identify and arrange actions (the rows) that are interesting or related in some way.
- Print the displayed actions
- Export the actions to a file for further analysis using a spreadsheet, database, or other visualization tool
- Archive them to a standalone database file