Try OpenEdge Now
skip to main content
Core Business Services - Security and Auditing
Auditing : Configuring OpenEdge Auditing : Managing auditing context
 

Managing auditing context

OpenEdge auditing is highly configurable through its audit policies. Through audit policies you can, per OpenEdge database connection, designate which audit events will be physically recorded. You can also prevent the application context and audit event group events from being recorded. This does not mean that you lose the recording of the contexts ID in auditing records; it merely indicates that no audit record is generated. The IDs of the contexts will still be recorded so that reporting can make use of the references as a grouping mechanism to find and locate auditing records.
Managing the client session records is slightly different, as recording login sessions are not limited solely to auditing support. In this case, you use Data Administration to control a database option setting. Again, turning off the recording of client session events will result in not writing records. The login session ID is still filled into the auditing record and can be used as a grouping mechanism to locate associated audit records.
The last aspect of managing audit context is the recording of the simple user ID in the auditing records. In some applications, the OpenEdge database connections are under a different user ID than the effective user ID the application uses to operate. In these cases, you want the audit record to record the applications effective user ID, not that of the physical database connection. You control this aspect of auditing through either Data Administration or Data Dictionary by setting a database option that instructs auditing to use the applications user ID instead of the database connections.