The following procedure shows how an ABL developer can migrate an existing ABL application, which did not implement its own auditing service, to use OpenEdge auditing.
To migrate an existing ABL application with no auditing to use OpenEdge auditing:
1. Determine if user-defined application auditing events are embedded within your application:
a. Assign an auditing event ID (above 32000) and context string to each auditing event you embed within your application. You want to define all of the events that any of the end-customers might want to use. Just because an audit event is embedded within the application does not mean that it needs to be triggered at run time.
b. Change the ABL source code to embed the AUDIT-EVENT( ) statements into your application, where appropriate.
2. Determine if user-defined application context is linked to database auditing events:
a. Choose the location, or locations, in your application where you want to begin linking application context to recorded audit events and optionally when to stop. You do not have to record application context on each recorded audit event.
b. Embed in the ABL source code the SET-APPL-CONTEXT( ) method for the AUDIT-CONTROL system handle.
3. Change your ABL applications initialization to set any customized audit-related settings. (Set up the AUDITING-DB alias.)
4. If user-defined application audit events are embedded in the application, export the databases application audit event definitions to an intermediate XML file for loading at the installation site.
Once the application is enabled for auditing, the production installation at the end-customer site follows these steps:
1. Install OpenEdge Release 10.1 and the ABL application. If this is an upgrade, ensure that all components are running Release 10.1 or later.
2. Enable auditing in each of the applications databases.
3. Create the user accounts that will be used by auditors and audit administrators in the OpenEdge auditing databases.
4. Define which user accounts will be given audit administrator privileges.
5. If the application has incorporated user-defined application audit events, import the user-defined auditing definitions into the databases used to store the applications auditing configuration.
6. Configure the database auditing necessary for the end-customer. Using Audit Policy Management or an application-supplied auditing administration utility, configure each database your application uses.
7. If the application has incorporated user-defined application audit events, configure the application auditing necessary for the end-customer through Audit Policy Maintenance or an application-supplied utility.
