Skip to end of metadata
Go to start of metadata

This page describes the process for implementing frameworks Auditing - It also contains the Sterland Audit Policy as an attachment:

  1. Add type || storage areas to support progress auditing

a) Create an audit.st file that contains the following information: To some extent the size of the storage areas will be dependent on the site and its activity - the example given is to have a fixed extent 1Gb for audit data, with a variable length to support any area overflow, and a 1/2Gb fixed extent for audit indexes, with a variable length to support any area overflow

    1. d "audit_data",64;8 . f 1000000
      d "audit_data",64;8 .
      d "audit_index",64;8 . f 512000
      d "audit_index",64;8 .

           b) Issue the following command to add the storage areas to the database

prostrct add stix audit.st

2. Enable auditing on the database - issue the following command (DB needs to be offline)

proutil stix -C enableauditing area "audit_data" indexarea "audit_index"

3. Create users and assign auditing permissions to them

a) create a sysprogress user 

Admin -> Security -> Edit user List

create sysprogress with Audit Administration permissions - decide on a standard password 

log out of the database

b) create an auditAdmin

log into the database as the sysprogress user

Admin -> Security -> Edit User List

create auditAdmin user with Audit Administration - decide on a standard password

c) create auditArchive user

Create auditArchive user with Audit Data Archiver  - decide on a standard password

d) create auditRead & sysAdmin

4. Set Database Option (Admin -> Database -> Options)

Set "User Application User Id for Auditing" on

5. Load the sterland auditing policy, which include the standard Progress policy with modifications.

download the policy xml file._audit-policies.xml

copy it to the target machine /prostix/dmp

startdev

Tools-> Data Dictionary

Admin -> Load -> Audit Policies - Load XML

/prostix/dmp/_audit-policies.xml

6. Archiving Auditing Data

To archive the data out of the main database use proutil stix -C auditarcive -user auditArchive -password <password>

This will, by default create a file call stix.abd in the current directory. 

The idea is to build a cron script that runs each night and archives out the auditing data. Then rename the file with a date time stamp.

Leaving the script to be written by someone else and the timing of the cron entries to be decided based on the site

7. Implement Prostix Client Principal

apply the following hotfix   /rtb/deploy/ProstixCP.tar 

run in prostix a, 5, 6 sysufwdom.p

You can view the domains created in the database from DB Admin (Admin -> Security -> Domain Maintenance -> Domains)


Standard Sterland Audit Policy - audit all changes to:

  • branch 
  • branch_prod
  • company
  • cust
  • cust_balance
  • prod
  • supp
  • supp_balance
  • system_control
  • system_misc_table
  • system_user
  • trndet
  • trnmas

Notes: $DLC/bin/genpassword -password (password)

update /prostix/bat/sterland.config stix,db entry, -crc becomes: -crc -U sysAdmin -P oech1::(copy encrypted pw from genpassword)