Release 10.1A: OpenEdge Getting Started:
Core Business Services

Developing the company’s audit policy

It is possible that two companies that use the same application will not configure and manage auditing in the same way. Because there will often be something that will make a single solution unacceptable, OpenEdge auditing supports many configurations.

Before implementing auditing, the first thing a production site should do is create its auditing strategy. In creating the strategy, the site should consider the information provided in the following sections and how it applies to the site’s unique situation.

Configuring long-term audit data storage

How long will you need the audit data to remain online so that you can run necessary reports? The length of time, combined with how much audit data you will be accumulating, will allow you to plan for how much physical disk capacity is needed and whether you will require multiple physical databases in which to store the audit data. Any long-term storage database should be tuned to store large amounts of data and be very secure, since auditing can accumulate data at a very fast rate.

Audit-enabling the application’s OpenEdge databases

When your application supports multiple databases, not all of them must be audit-enabled. If a database has no auditable tables in it, you do not have to slow it down by turning auditing on. If the application vendor has not already preconfigured the database for auditing, see the "Audit-enabling your OpenEdge application" section for details about how to get started.