User-based auditing
The Infor Landmark system provides a means to more easily examine and analyze what changes a user might have made or what data the user might have viewed over a specific time period across the entire product. This is accomplished by storing user-based audit log header entries as well as user-based view log entries in the AuditLogEntry business class. The key fields that are stored will enable you to locate specific records if necessary.
The user actions that will be tracked are online user transactions and Infor Spreadsheet Designer web service transactions, and when users view a list or form. That is, batch transactions are not included. Also, selects do not create entries and paging a list will not create entries (only the first access does).
Once the AuditLogEntry business class has been populated, you can view its contents in several ways:
- The Audit Entries form in the Administration Console. This form shows the list of audit entries. Note that searches with this form may be slow. You can use the Instance Selection field to obtain the keys to single record views. On the Audit Entries List, you can also use the View Source action to redirect to the list that is on the entry or to a form for the record that created the entry (if the record still exists).
- The Change Analysis and View Analysis forms in the Administration Console. These forms
provide multiple ways to search for and view audit entries. For viewing the base
audit log entries sections, replication to columnar is not required. However, to
use dashboards, master views, and console views in the reports, analytics, and
metrics sections, you must replicate the AuditLogEntry business class to a
columnar table. When setting up the replication set for the AuditLogEntry
business class, be sure to select the Enable Indicator Replication check box and
then select the indicator field to use. For information on columnar tables, see
Implementing Columnar Tables. Note: The Landmark applications include delivered replication sets that can be leveraged for replicating the AuditLogEntry business class to columnar or to the Infor Data Lake.
- The Infor Data Lake. To view audit log entries in the Infor Data Lake, you must use data replication of the AuditLogEntry business class to that repository. When setting up the replication set for the AuditLogEntry business class, be sure to select the Enable Indicator Replication check box and then select the indicator field to use. If you are replicating the AuditLogEntry business class to both the Infor Data Lake and a Columnar table, you must use a different indicator field for the different replication sets.
- Standard database tools.
For performance reasons, Infor strongly recommends that you regularly purge the records. For this purpose, there is a delivered maintenance request for purging the AuditLogEntry records. Fully archived (replicated) records will be purged immediately. Otherwise, they will be purged based on offset days on the request. By default, that is after 180 days for framework changes and after 30 days for application changes.
To implement user-based auditing, you use several configuration parameters in the AuditLogEntry category or component. All of these are set in the tenant environment data area.
- CreateAuditLogEntryRecords: If set to true, the AuditLogEntry business class is created and populated with the key fields for audit log entries that are for online user transactions and Infor Spreadsheet Designer web service transactions. Though you set this parameter only in the environment data area, a separate AuditLogEntry business class is created in each data area.
- CreateViewLogEntryRecords: If set to true, the AuditLogEntry business class is created and populated
with the key fields for audit log entries that are for user-viewed lists and
forms. You can also have web services calls create audit log entries by
including
&_clientType=UI
in the URL.. Though you set this parameter only in the environment data area, a separate AuditLogEntry business class is created in each data area. - IncludeListFormFieldsViewed: If set to true, the default behavior is changed for the CreateViewLogEntryRecords parameter. The default behavior for that parameter is to not include the list of fields unless the form or list name is not available (which can occur if the form or list is accessed programatically). The IncludeListFormFieldsViewed parameter enables you to include the list of fields whether or not the form or list name was available.
- IncludeNonListFormFieldsViewed: If set to false, the default behavior is changed for the CreateViewLogEntryRecords parameter. The default behavior for that parameter is to include the list of fields when the form or list name is not available (which can occur if the form or list is accessed programatically). The IncludeNonListFormFieldsViewed parameter enables you to exclude the list of fields whether or not the form or list name was available.
- AuditLogEntryActions: If set to false, the creation of AuditLogEntry records is disabled for framework business classes, such as those for the Configuration Console, security, and replication sets. The default for this is true. Framework business classes are always audited unless auditing for them is turned off via this parameter.
- DisableActionRedirect: If set to true, users are prevented from using the View Source option to be redirected to the list that is on an entry or to a form for the record that created the entry.
To set up the configuration parameters for user-based auditing: