Presentation is loading. Please wait.

Presentation is loading. Please wait.

Application Auditing Made Easy

Published byAmber Blair Modified over 6 years ago

Similar presentations

Presentation on theme: "Application Auditing Made Easy"— Presentation transcript:

1 Application Auditing Made Easy
Simon L. Prinsloo

2 Introduction Simon Prinsloo Vidisolve in Pretoria
Working with Progress since v.7 in 1996 Worked on various commercial systems Mostly focused on CASE tools and implementing new functionality in legacy projects PUG Challenge America - June 2017

3 Agenda Why Auditing? About this case study Preparation for auditing
Deployment of auditing Audit context AUDIT-CONTROL System Handle Reporting Examples PUG Challenge America - June 2017

4 Why Auditing? Business requirements Legal requirements
PUG Challenge America - June 2017

5 About this case study Replace traditional auditing
Replace traditional record history tracking Enhance visibility with context PUG Challenge America - June 2017

6 Preparation for auditing
Implement user authentication Preferably using CLIENT-PRINCIPAL Add audit areas to database(s) Enable auditing with proutil Offline  Set up audit security Setup audit policies Add audit context and events (Optional) Create audit reports PUG Challenge America - June 2017

7 Deployment of auditing
Add audit areas to database(s) Enable auditing with proutil Offline  Set database identification Set up audit security Import audit policies Periodically archive audit data PUG Challenge America - June 2017

8 Audit Context Client Login Session (Client Principal)
Application Context (Developer) Application Context (Developer) Audit Event Group (Developer) Audit Event Group (Developer) Database Transaction Database Transaction Database Transaction PUG Challenge America - June 2017

9 Audit Context Client Login Session (Client Principal)
Audit Event Group (Developer) Audit Event Group (Developer) Application Context (Developer) Application Context (Developer) Database Transaction Database Transaction Database Transaction PUG Challenge America - June 2017

10 AUDIT-CONTROL system handle
Methods Properties SET-APPL-CONTEXT( ) CLEAR-APPL-CONTEXT( ) BEGIN-EVENT-GROUP( ) END-EVENT-GROUP( ) LOG-AUDIT-EVENT( ) APPL-CONTEXT-ID EVENT-GROUP-ID PUG Challenge America - June 2017

11 Reporting PUG Challenge America - June 2017

12 Examples Add audit areas to database(s) # Audit.st
d "AuditData":90,64;512 . d "AuditIndex":91,64;512 . proenv>prostrct add Koine ..\audit.st OpenEdge Release 11.7 as of Mon Mar 27 10:21:54 EDT 2017 Formatting extents: size area name path name AuditData C:\Projects\Koine\Databases\Koine\Koine_90.d1 00:00:00 AuditIndex C:\Projects\Koine\Databases\Koine\Koine_91.d1 00:00:00 proenv> PUG Challenge America - June 2017

13 Examples Enable auditing with proutil
proenv>proutil Koine -C enableauditing area "AuditData" indexarea "AuditIndex" OpenEdge Release 11.7 as of Mon Mar 27 10:21:54 EDT 2017 Auditing has been enabled for database Koine. (12479) proenv> PUG Challenge America - June 2017

14 Examples Setup database identification
PUG Challenge America - June 2017

15 Examples Setup audit security PUG Challenge America - June 2017

16 Examples Setup audit security PUG Challenge America - June 2017

17 Examples Setup audit policies PUG Challenge America - June 2017

18 Reporting on audit data
PUG Challenge America - June 2017

19 Separators used in the data
DEFINE PUBLIC STATIC PROPERTY Field AS CHARACTER NO-UNDO INIT "~006" GET. DEFINE PUBLIC STATIC PROPERTY Record AS CHARACTER NO-UNDO INIT "~007" GET. DEFINE PUBLIC STATIC PROPERTY Array AS CHARACTER NO-UNDO INIT "~010" GET. Remember the code works in octal, watch out for CHR(8)! PUG Challenge America - June 2017

20 Some code PUG Challenge America - June 2017

21 Questions? PUG Challenge America - June 2017

22 Feedback welcome Simon Prinsloo simon@vidisolve.com
PUG Challenge America - June 2017

Download ppt "Application Auditing Made Easy"

Similar presentations

Welcome! Were Glad Youre Here!. Whats New In Version 5.1b-100 Welcome to The Annual Information & Records Associates, Inc. User Conference May 20, 2009.

Welcome! Were Glad Youre Here!. Whats New In Version 5.1b-100 Welcome to The Annual Information & Records Associates, Inc. User Conference May 20, 2009.
Client Principal in the wild

Client Principal in the wild
Strength. Strategy. Stability. The Application Profiler.

Strength. Strategy. Stability. The Application Profiler.
1 PUG Challenge Americas 2014 Click to edit Master title style PUG Challenge EMEA 2014 – Dusseldorf, Germany Tales from the Audit Trails Presented by:

1 PUG Challenge Americas 2014 Click to edit Master title style PUG Challenge EMEA 2014 – Dusseldorf, Germany Tales from the Audit Trails Presented by:
1 PUG Challenge Americas 2013 Click to edit Master title style PUG Challenge Americas 2013 – Westford, MA Tales from the Audit Trails Presented by: Mike.

1 PUG Challenge Americas 2013 Click to edit Master title style PUG Challenge Americas 2013 – Westford, MA Tales from the Audit Trails Presented by: Mike.
Efficient, Productive, Time-Saving Solutions TRANSACTION AUDITING Part of our RISK MANAGEMENT SUITE FOR LAWSON S3 Thank you for taking the time to view.

Efficient, Productive, Time-Saving Solutions TRANSACTION AUDITING Part of our RISK MANAGEMENT SUITE FOR LAWSON S3 Thank you for taking the time to view.
Guide to MCSE 70-290, Enhanced 1 Activity 14-1: Browsing Security Templates Objective: To become familiar with built-in security templates Start  Run.

Guide to MCSE , Enhanced 1 Activity 14-1: Browsing Security Templates Objective: To become familiar with built-in security templates Start  Run.
PUG Norway Lillehammer March 16th & 17th

PUG Norway Lillehammer March 16th & 17th
Privileged Account Management Jason Fehrenbach, Product Manager.

Privileged Account Management Jason Fehrenbach, Product Manager.
REST support for B2B access to your AppServer PUG Challenge Americas - 2014 Michael Jacobs : Senior Software Architect Edsel Garcia : Principal Software.

REST support for B2B access to your AppServer PUG Challenge Americas Michael Jacobs : Senior Software Architect Edsel Garcia : Principal Software.
Spillman Sentryx 6.0.

Spillman Sentryx 6.0.
Session 21-2 Session 23 Direct Loan Tools Session 21-3 Direct Loan Tools Version 1.0 n Introductions n Questions n Evaluations.

Session 21-2 Session 23 Direct Loan Tools Session 21-3 Direct Loan Tools Version 1.0 n Introductions n Questions n Evaluations.
Module 4: Implementing User, Group, and Computer Accounts

Module 4: Implementing User, Group, and Computer Accounts
Copyright © 2003 Americas’ SAP Users’ Group Custom Archiving 101 Session Code 108 Karin Tillotson Sr. Basis Administrator Tuesday, May 20 th, 2003.

Copyright © 2003 Americas’ SAP Users’ Group Custom Archiving 101 Session Code 108 Karin Tillotson Sr. Basis Administrator Tuesday, May 20 th, 2003.
Monitoring Security With Standard SAP Tools Session Code 805 Sandi McKinney.

Monitoring Security With Standard SAP Tools Session Code 805 Sandi McKinney.
Angelo Tracanna Senior Manager, OpenEdge Data Management

Angelo Tracanna Senior Manager, OpenEdge Data Management
CoreGRID Workpackage 5 Virtual Institute on Grid Information and Monitoring Services Authorizing Grid Resource Access and Consumption Erik Elmroth, Michał.

CoreGRID Workpackage 5 Virtual Institute on Grid Information and Monitoring Services Authorizing Grid Resource Access and Consumption Erik Elmroth, Michał.
Authenticating REST/Mobile clients using LDAP and OERealm

Authenticating REST/Mobile clients using LDAP and OERealm
Michael Solomon Tugboat Software Managing the Software Development Process.

Michael Solomon Tugboat Software Managing the Software Development Process.
Module 8: Implementing Administrative Templates and Audit Policy.

Module 8: Implementing Administrative Templates and Audit Policy.

Similar presentations

Ads by Google