KBI 311686 Find Out What Are Changed By User Recently By Reading System Audits In Global System View System Audits Tab
Version
Argent Advanced Technology – All versions
Date
Monday, 9 July 2018
Summary
Global System View (System Audits tab) provides the central location to find out what/when/who/where of changes are there in Argent Advanced Technology
Technical Background
Global System View is the single place where Argent Advanced Technology user can see system health as well as do the routine system management
First thing Argent Advanced Technology Administrator should do each day is to open up Global System View and check any anomaly in past 24 hours
Global System View (System Audits tab) provides the central location to find out what/when/who/where of changes are there in Argent Advanced Technology
Event Time – When did the operation happen?
Object Group – It is either SQL Table name for database record change or ‘##PRODUCT##’ for product specific operations
Object Name – It is either the SQL specific record or product specific object such as engine service name
Operator – It is the user account
Operation – It can be one of following:
- Added
- Changed
- Deleted
- Renamed
- Copied
- Put to production mode
- Put to test mode
- Scanned/Updated
- Events purged
- Suspended
- Re-activated
- Event answered
- Event resolved
- Event Un-Answered
- Master Control Info exported
- Maintenance schedule exported
- Backup/Exported
- Restore/Imported
- Service started
- Service stopped
- Service recycled
- Synchronize
- Security setting updated
- Upgrade
- Successfully upgraded
- Patch
- Download patch file
Workstation – It is the server or workstation where user made the change
SQL tables ARGSOFT_{PRODUCT}_SYSTEM_AUDIT
System Audit information is stored in product specific SQL tables;
For example, ARGSOFT_AAC_SYSTEM_AUDIT for Argent Console, ARGSOFT_AT_SYSTEM_AUDIT for Argent Atlas, ARGSOFT_ARGENT_GUARDIAN_ULTRA_SYSTEM_AUDIT for Argent Guardian Ultra etc
Column | Type | Description |
UUID |
varchar(36) |
Record unique identifier |
CREATE_TIME |
datetime |
Creation time |
MODIFY_TIME |
datetime |
Modification time |
SQL_TABLE |
nvarchar(256) |
Object group |
SQL_RECORD |
nvarchar(256) |
Object name |
SQL_OPERATION |
nvarchar(64) |
Operation |
WORKSTATION |
nvarchar(256) |
Where was the operation done? |
OPERATOR |
nvarchar(256) |
Who did it? |
EXTRA_INFO |
ntext |
Additional Information |
APP_NAME |
nvarchar(256) |
Application name. Reserved for future usage |
OWNER |
nvarchar(256) |
Record owner |
CRC_HIGH |
int |
CRC high DWORD |
CRC_LOW |
int |
CRC low DWORD |
Resolution
N/A