Try OpenEdge Now
skip to main content
Core Business Services - Security and Auditing
Auditing : Querying and Reporting on Audit Data : Audit data querying and reporting : Audit data application context
 
Audit data application context
Application context (_Application-context-id) can be used to provide additional information as to the application context under which the audit event data was created, such as the execution context including the call stack that would identify the procedure code that caused the audit event, for example. The use of the application context and what data it contains is driven by the application code using the new statements AUDIT-CONTROL:SET-APPL-CONTEXT and AUDIT-CONTROL:CLEAR-APPL-CONTEXT. In SQL, the statement AUDIT SET APPLICATION_CONTEXT is used to set it to a string or clear it by passing in NULL.
When the application context is set, a complete audit record will be created recording the details of the context against the context event ID 31998. The value of the _Audit-data-guid identifying field value for this context audit data record will then be set in the _Application-context-id field of all subsequent audit data records until the application context is cleared. It is, therefore, the responsibility of the application to correctly set and clear the context at appropriate points. Be extremely careful to handle errors appropriately and ensure that the resetting of the context does not get skipped due to an error condition.
Where multiple databases are connected and audit-enabled, the application context record will be written to each database that has enabled the recording of the application context event ID through the event policy. The context record will, however, be created identically in each database and conflicts resolved when archiving audit data from multiple databases into a centralized reporting database. Regardless of whether the database has the application context event enabled, the context ID will be set in all connected databases, ensuring that the correct ID is set on all audit data records in all databases, until the context is cleared.
In order to report on the details of the application context, a secondary read back into the audit data table will be required, locating the audit data record where the _Audit-data-guid value matches the _Application-context-id value.
In the context record itself, the fields that could contain data passed in from the application and supported by the API are the following three character fields: _event-context, _event-detail, and _Audit-custom-detail. Other fields, such as the user or date and time, will also be populated automatically as with database events.
Using the _Application-context-id field itself makes it possible to read all audit data that resulted from the same application context.