Auditing

In the Auditing dialog, you can view and search for Repository and Financial Consolidation auditing data. Audit entries are recorded automatically when you enable the Auditing feature. For example, Repository stores changes of the User Management or authorizations of any object as audit entries in the Repository database.

To enable the Auditing feature, see this topic:

Repository Properties

Note: If you are working with auditing in repository database that are joined by user management links, you must consistently enable auditing across all joined repository databases:

When you define a user management link in the current repository in which auditing is inactive to a User Management repository in which auditing is enabled, auditing will also be enabled for the current repository. This message is shown: Auditing is enabled for the selected User Management Repository. It will be enabled also for the current Repository. This action cannot be rolled back once it is performed.
When you define a user management link in the current repository in which auditing is enabled to a User Management repository in which auditing is inactive, the next logon to such a repository with link to the User Management repository will fail. You must reset the user management link, enable auditing in the User Management repository as well, and then set up the user management link again.
Audit entries that relate to user management are always stored in the linked database where the changes are done.

To open the Auditing dialog, right-click the registration and select All Tasks > Auditing (there must be a connection). The menu command is only enabled, if you have the permission Administer Audit.

The Auditing dialog provides a variety of search capabilities to search for recorded audit entries, so that you can quickly find the data you are looking for.

These are basic searching scenarios:

Show all audit entries between a start and end date.
Show all audit entries for a specific user.
Show all audit entries for a specific application.
Show all audit entries for a specific audit event (requires to also set the application).
Show all audit entries for a specific audit event of an application filtered by additional fields.

You can use these search criteria in the Auditing dialog:

From, To: Time period in which the audit event happened.
Repository user: The Repository user who performed the audit event. This is the user login name in Repository.
Windows user: Windows user name under which the audit event happened. This is the fully qualified Windows user name.
IP address: IP addresses of the physical machine where the audit event happened. This is a semicolon separated list of all IP addresses the current local machine has assigned.
Computer name: Name of the physical machine where the audit event happened. This is the current local machine name from the operating system.
Process name: Name of the Windows process (executable) in which the audit event happened. This is the name of the process without extension.
Application: Predefined list of applications that offer auditing. You can select these applications from the drop-down list.
- Repository, Repository - OLAP, Repository - Application Studio, Repository - Office Plus, Repository - Designer, Repository - Applications, Repository - Application Engine, Repository - Dashboards: Repository itself and the applications that use Repository. The Event field shows a list of application-specific audit events that are recorded by Repository.
- Application Engine, Application Engine - Application Studio, Application Engine - Applications: Application Engine itself and Application Studio that uses Application Engine. The Event field shows a list of application-specific audit events that are recorded by Repository, currently only Generic Event.
- Applications: The Event field shows a list of application-specific audit events related to Financial Consolidation.
Project: List of available projects in the current repository in which the audit event happened. This is the unique name of the repository project. You can select <Any> here to consider all projects in the current repository, or <Unknown> if projects were deleted meanwhile and cannot be mapped to existing projects.
Event: Audit event that happened. The list of audit events shown here depends on the selected application. Custom fields that are linked to an audit event are available for filtering if a certain audit event is selected. In such a case, a specific set of additional fields appears in the filter section for the selected audit event. You can select <Any> here to consider all events in the current repository respectively application.

For a list and description of the Repository and Financial Consolidation audit events and additional custom fields that are audited, see these topics:

Audit events in Repository

Audit events in Financial Consolidation

If you select a combination of different search criteria, they are always combined with a logical and when a database query is performed. The only criteria that you must always specify are the time range and the application. You can leave other search criteria empty or use the <Any> option.

To start the search according to the specified search criteria, click Search. On the right side of the dialog, a list of the resulting audit entries is shown. By default, this list shows the common column information without custom field information. If you perform a search by using a specific audit event as a filter, in addition applicable custom columns are shown that are based on the selected event.

Note: When you perform a search that retrieves a number of audit entries greater than 50.000, an error message is shown: The search would return more than 50 000 entries. Try to specify more specific filter criteria to narrow down the results..

To reset the specified search criteria, click Reset.

To start the export of the search result to a .csv file, click Export. In the Save As dialog, specify the file name and click Save. The current view of audit entries of the previous search is saved to the file.