IRC audit report
The audit report displays all the operations performed on the IRC server in a specified period of time. The report also displays information about the changed values by displaying old as well as the new values in the report. For example, if a user removes the existing rule condition and adds a new one, the report displays the old condition and the new condition. Effectively so the user generating the report can view the changes in IRC in the specified period of time.
The report provides this information:
- The date, the user, the type, the status, and the object of the operation.
- The Old Value and New Value columns that display the object values before and after the operation, respectively. For example, if the operation is to change the rule priority, the Old Value column displays the old rule priority and the New Value column displays the updated rule priority.
- History of user data deleted from IRC.
- Use the AuditSettings.xml file to define the operations for which the old and new values must be displayed in the report. For details, refer to the Platform - Advanced Configuration Settings Guide.
- Some of the operations displayed in the report are hyperlinks. Click the link to view the operation details.
If the option is selected, this information is displayed in the report:
| Selection | Description |
|---|---|
| Analysis | Insight analysis, delete analysis |
| Compensating Controls | Create, delete, modify, export, import |
| Extraction | Import data |
| Exclusion Documentation | Create, update, or delete documentation for exclusions |
| Note | Add or delete notes attached to violations when they are excluded |
| Parameters | Create, delete, add value, delete values |
| Parameter List | Add, create, delete export, duplicate, import, modify, |
| Rules | Create, delete, modify, move |
| Rule Books | Create, delete, duplicate, lock, unlock, modify |
| Test Analysis | Test Insight analysis |
| Toolbox | Bulk Exclude, Change Rule Attribute Values, Delete Analysis, restore Extraction Settings, Update Exclusions, Update Extraction Settings, |
| Violation Data Cleanup | Clean up old violation data |
| Scheduled Tasks | Create and modify analysis, extraction and archived tasks |
| Account Policy and Password policy settings | Old and new values of the Password Policy and the Account Policy settings. |
If an analysis is archived or deleted, the details of the event are removed, but the event remains as an Analysis Aggregation Summary.