The audit log

The TM1® audit log monitors changes to metadata, such as modifications to dimensions, views and subsets. It also tracks login and TurboIntegrator process execution.

This log can be used for accountability purposes where laws or regulations, such as Sarbanes-Oxley, require auditing of certain activities in mission critical software.

Each TM1 server maintains its own separate audit log. Administrators can use a server's audit log to answer these questions:

  • What object was changed?
  • How was the object modified?
  • Who made the change?
  • When was the change made?

By default, audit logging is disabled and must be manually enabled for each server you want to monitor. Audit logging is only on or off. It is not possible to enabled audit logging for only some activity types. For more information, see Configuring audit logging.

The active audit log file is locked and cannot be opened in a text editor. Audit logging is enabled and disabled with the AuditLogOn parameter in tm1s.cfg file.

You can query and view the audit log using the Audit Log window, available in TM1 Server Explorer. The log file is rolled over by the TM1 database on restart. Historical audit log files are named tm1auditstore<timestamp>.log.

Audit logging is not managed automatically by the TM1 database. If audit logging is enabled, you should determine how long audit logs are kept in the logging directory. The audit log files might be large.