Replicating the audit log
It is optional whether the audit logs for the database and security file are replicated. The audit logs for the database and security data are replicated separately.
- If the audit data for the database and security file is replicated, authorized users at any site can review all activities.
- If the audit data for the database and security file is not replicated, the audit logs records activity for the local database and security file only. The main effect of this is incomplete information on how conflicts between entity and link records, and in the security data were resolved. For example, log entries for the Conflict Viewer are only recorded in the audit log for the publication database (if the audit level is set to 4 or 5).
Filtering the audit log for the database
In a replicated audit log, the best way of filtering the log entries for a specific site depends on how user names and locations are defined in your organization:
| Filter by | Description |
|---|---|
| User name | The user name might be a useful way of filtering the audit log if each user name contains an element to identify the site at which the user works. |
| Network Login | If users are restricted to logging on to the database on the local server, then the network login can indicate the location of the user. |
| Location | Locations can be a useful
way of filtering the audit log if all user accounts have a location and that the location names are
consistent. Note: Filtering by location does not identify the records, which a user owns (if you are
using owner hyperlink fields), only those records that they create or update. |
Viewing log entries for conflict resolution
There are two actions for the Conflict Viewer: Conflict Detected and Conflict Resolved. These are recorded if the audit level of the publication database is set to 4 or 5.
Viewing the audit log for the security file
In addition to the standard entries for non-replicated databases, the audit log for the security file records changes to group and user names that results from resolving duplicate names in the Security Manager.
The site to which a user belongs is identified by the name of the user that created it.
The site to which a group belongs is identified by the group ID which contains the database identifier.
The first site to create the user or group keeps that user or group with the permissions they defined. The user or group at the second site is treated as a duplicate and loses any defined permissions.
| Date/time | User | Action | Detail |
|---|---|---|---|
| 09:35:09 | Sub1Admin | Create User | User SmithT created |
| 10:06:04 | PubAdmin | Create User | User SmithT created |
| 16:00:00 | Sub2Admin | Change User |
User SmithT renamed to ***1*** Note: The user Sub2Admin displayed the Security Manager which detected this duplicate and
automatically renamed it.
|
| 17:05:06 | PubAdmin | Change User |
User ***1*** renamed to 03SmithT Note: The SmithT created by Sub1Admin is kept with permissions assigned by Sub1Admin. The other
SmithT is treated as a duplicate (and its permissions are ignored).
|
Archiving audit log files
You can archive audit log files in the usual way. It is not necessary to stop or disable replication to do this. However, notice that although the entries you delete are deleted from the audit log at all sites, the archive file is not replicated.
To make the archived entries available to all sites, you should load the archive file into the database by using the replication File Manager.