
Documentum Audit Facility: Documentum Auditing Built-In Mechanism

Documentum provides a built-in auditing mechanism that records system and custom application events to the audit trail. The audit trail contains dm_audittrail objects that store information about each audited event like the user, time, and object affected. Administrators can configure which events are audited, view and purge past audit entries, and sign entries for additional security. The size of the audit trail must be monitored and purged regularly.

Uploaded by: mmarkovic
Copyright: © Attribution Non-Commercial (BY-NC)

Documentum Audit Facility

Documentum auditing built-in mechanism


Author: Milan Markovic

Introduction

Auditing is a security feature that allows you to monitor events that occur in a repository or application. Events are operations performed on objects in a repository or something that happens in an application.

Event types
1. System events: more than 100 predefined events (e.g. dm_checkin, dm_checkout, dm_save, dm_link, dm_destroy)
2. Application events: custom, application-specific occurrences (for example, search actions performed)

Audit trail

An audit trail is the history of an audited event. Each occurrence of an audited event is recorded in one entry in an audit trail. Each entry is a dm_audittrail object. Derived types: dm_audittrail_acl and dm_audittrail_group.

dm_audittrail object
event_name, event_source, i_audited_obj_class, audited_obj_vstamp, audited_obj_id, user_name, time_stamp, string_1, string_2, string_3, string_4, string_5, id_1, id_2, id_3, id_4, id_5

Extended user privileges


By default, neither the Docbase owner nor the Superuser has any of these extended privileges. The extended privileges are stored as an integer in the user_xprivileges attribute of the dm_user object.

| Level | Name | Description |
|---|---|---|
| | Config Audit | User can execute the methods to start and stop auditing. |
| 16 | Purge Audit | User can remove audit trail entries from the repository. |
| 32 | View Audit | User can view audit trail entries. |

Registering an Audit
Every time an Audit method is successfully invoked, a new record is created in the dmi_registry object. For system events, Content Server takes care of creating the Audit Trail entries when the registered events occur. For application events, it is the application's responsibility to know when an Application Event has occurred and to manage the creation of Audit Trail entries. It is recommended to register application events in the dmi_registry object as well, so that they can be configured easily.

Auditing properties

- Whether you register properties for auditing when you start auditing for the event.
- Whether the audit_old_values property in the docbase config object is set to true or false. The default for this property is T (true).

Signing audit trail entries

As an added security feature, audit trail entries can be signed by Content Server. Signing an entry increases security by making it possible to detect whether the entry was changed after it was saved to the repository. Signing involves computing a hash of the entry's contents, encrypting the hash with the Application Encryption Key (AEK) for the Content Server, and storing the encrypted hash in the audit_signature attribute of the dm_audittrail entry. Signing also supports use of the Electronic Signature feature.
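
The tamper-detection idea described above, as an added example that is not from the original slides or from Documentum. It uses HMAC-SHA-256 from the Python standard library as a stand-in for Content Server's hash-then-encrypt-with-AEK step; the set of signed attributes, the key and the sample entries are constructed assumptions.

```python
import hashlib
import hmac

# Assumption: which dm_audittrail attributes the signature covers. The names
# come from the attribute list on this page; the real signed set may differ.
SIGNED_ATTRS = ("event_name", "event_source", "audited_obj_id",
                "user_name", "time_stamp", "string_1")

# Constructed stand-in for the AEK, for this demo only.
DEMO_KEY = b"constructed-demo-key-not-a-real-AEK"


def canonical_bytes(entry):
    """Length-prefix each signed value so field boundaries cannot shift."""
    out = bytearray()
    for name in SIGNED_ATTRS:
        value = str(entry.get(name, "")).encode("utf-8")
        out += len(value).to_bytes(4, "big") + value
    return bytes(out)


def sign_entry(entry, key=DEMO_KEY):
    """Keyed digest of the entry, to be stored in audit_signature."""
    return hmac.new(key, canonical_bytes(entry), hashlib.sha256).hexdigest()


def verify_entry(entry, key=DEMO_KEY):
    """True only if audit_signature matches the entry's current contents."""
    stored = entry.get("audit_signature", "")
    return hmac.compare_digest(stored, sign_entry(entry, key))


def demo():
    """Sign a constructed trail, alter one entry, return the events that fail."""
    trail = [
        {"event_name": "dm_checkin", "event_source": "System",
         "audited_obj_id": "0900000180000101", "user_name": "alice",
         "time_stamp": "2011-03-01T10:15:00", "string_1": "1.1"},
        {"event_name": "dm_destroy", "event_source": "System",
         "audited_obj_id": "0900000180000102", "user_name": "bob",
         "time_stamp": "2011-03-01T10:20:00", "string_1": ""},
    ]
    for entry in trail:
        entry["audit_signature"] = sign_entry(entry)
    trail[1]["user_name"] = "alice"  # change made after the entry was saved
    return [e["event_name"] for e in trail if not verify_entry(e)]


if __name__ == "__main__":
    print(demo())
```

Verification only detects changes to attributes that are covered by the signature, and only as long as the key is not available to whoever can edit the entries.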

Removing audit trail entries

Monitor the size of the audit trail carefully! Archive audit data that you want to keep by copying it or moving it out of the audit trail. Purge audit trail objects using the Management Audit Trail Tool. Purging an audit trail entry is always audited; it is not possible to stop auditing this event.

Manage auditing using Documentum Administrator

Search Audit

Q&A

Questions and Answers
