Auditing
Use the Auditing view to establish audit logging for InfoSphere® MDM interactions and the users performing these interactions.
Logging is set individually for each interaction and can be set at one of three levels:
- None - Turns the logging off.
- Activity - Logs the user or system name performing the interaction along with the date and time.
- Member - The most extensive level of logging. Setting member level logging means that, for every interaction, the user or system name, date, time, member record affected, and value changes are logged.
For example, consider this scenario: The MemPut interaction is set to Member logging. The InfoSphere MDM Inspector user johnbell retrieves a record associated with the name "Patty Countryman". During the review of the record, johnbell changes the Patty Countryman's home phone number attribute and saves the record. A full record of this transaction is written in the operational server database's MPI_audxmem table.
Setting user audit logging levels
- From the InfoSphere MDM Workbench Configuration perspective, open the View list and select Expert.
- In the configuration editor, select Auditing.
- Click the existing Access privileges for an interaction.
- Select an access level from the list: Member, Activity, or None.Remember: Activity or member level logging can cause a large amount of information to be written to the database, which might affect system performance.
- Save the configuration project.
- Deploy the configuration to the InfoSphere MDM instance.
- If audit logging has not been previously enabled on this InfoSphere MDM instance,
complete the following steps to ensure that the AUDXMEM segment in MPI_SEGHEAD has a
recstatvalue of A, for active (the default value is I, for inactive).- Stop the InfoSphere MDM operational server.
- Submit an SQL statement to update the
recstatvalue of the AUDXMEM segment in MPI_SEGHEAD toA. For example:update mpi_seghead set recstat='A' where segcode='AUDXMEM';Tip: Depending on your system configuration, your SQL statement might require additional information such as a user name before the table name.
- Restart the InfoSphere MDM operational server.
When you change an audit logging setting, the InfoSphere MDM operational server (MPInet server) must be restarted before the change takes place.
Viewing audit information
After enabling and configuring audit logging, you can view audit information directly from the database by using SQL. The following sample SQL can be used to extract the information:
select u.usrlogin as "User ID", a.audctime as "Activity Time",
s.srccode as "Source", h.memidnum "ID", i.ixnlabel as "Activity"
from mpi_usrhead u, mpi_audhead a, mpi_srchead s,
mpi_memhead h, mpi_audxmem x, mpi_ixnhead i
where u.usrrecno = a.usrrecno
and x.audrecno = a.audrecno
and x.memrecno = h.memrecno
and s.srcrecno = h.srcrecno
and i.ixnrecno = a.ixnrecno
To limit the results to a single user, add the following line to the end of the SQL statement:
and a.usrid = 'rwuser'The output from the query (requesting all users) is similar to the following example:
rwuser 2005-07-29 11:33:15.000 RMC 870504 Search Members
rwuser 2005-07-29 11:33:15.000 RMC 558090 Search Members
rwuser 2005-07-29 11:33:15.000 PHYS 76690 Search Members
rwuser 2005-07-29 11:33:15.000 PHYS 899000 Search Members
billp 2005-07-29 11:33:15.000 ARH 1003702 Search Members
rwuser 2005-07-29 11:33:43.000 RMC 279776 Search Members
rwuser 2005-07-29 11:33:43.000 RMC 788888 Search Members
billp 2005-07-29 11:33:43.000 FGH 266785 Search Members
billp 2005-07-29 11:33:43.000 OUTP 111256 Search Members
rwuser 2005-07-29 11:33:43.000 ARH 278867 Search Members
rwuser 2005-07-29 11:33:43.000 MH 271268 Search Members