Before you implement auditing, it is wise to form a strategy that includes, among other things, decisions about what to do with the audit data over the long term. When you audit, the audit data initially is recorded in the database being audited. Over time, the audit data might begin to occupy more disk space than is desirable, and at that point you can move the audit data to another, more long-term storage container.
It is, however, your choice whether or not to move the audit data. If the database size is not an issue, you might not want to move the data; however, the longer the audit data resides in a database along with the application data, the higher the risk of data corruption. A best practice approach to the issue of audit data storage is to move the audit data to a database designated to hold the data. In this way, you can identify a designated storage database that has the size you require and establish security on the database such that only those users whose job it is to manage and report on the data have access to it.
Typically, the best audit data security solution involves moving the active databases audit data records from the production server systems to an OpenEdge database that holds only audit data records for long-term storage. Security is enhanced when you place very restrictive access controls on the database to protect the audit data it contains.
When an OpenEdge database is used for long-term data storage, the expectation is that only audit data, and no other application data, resides in the database.
An authenticated user with audit data archive privileges can use the Audit Archive utility to truncate online audit data by moving the audit data to the systems trash basket. The audit data archiver can also archive the data to a secure binary flat file for more convenient offline storage. A MAC data integrity seal is applied to the file containing the audit data so that the files contents can be validated before audit data is physically loaded into an OpenEdge databases audit tables.
Caution: The audit data archiver not only archives audit data but can also delete it. Therefore, assigning the audit data archiver privilege to a user is a decision not to be taken lightly.
