Working with Active Auditing

Creating an Audit Rule

To create an audit rule:

  1. Navigate to Auditing > Audit Rules.

  2. Click .

  3. Select a Rule Object Type and a Level.

    Note: To match both Chain Definitions and Process Definitions, select Process Definition from the Rule Object Type dropdown list. (There is no option for auditing Chains only.)

  4. Specify optional match criteria.

  5. Click Save & Close.

Reverting a Change

You can freely revert a change and, even you do so in error, you can revert back to the change again. The following actions allow such reversions:

  • Restore to before change
  • Restore to after change

Note: These two actions are also available via scripting via the methods restoreBefore and restoreAfter on the AuditObject object.

These actions are only visible if there is a record for before and after the change:

  • Object Created: You can only restore to after.
  • Object Modified: You can restore to both before and after.
  • Object Deleted: You can only only restore to before.

To revert a change:

  1. Navigate to Auditing > Audit Trail.
  2. Choose Revert to before change from the context menu of the audit entry you would like to revert.

Example Procedure

To revert changes made to a Chain Definition:

  1. Navigate to Auditing > Audit Rules.
  2. Click .
  3. Select Chain Definition as the Rule Object Type and Full Audit as the Level.
  4. Enter JCprdFin.* into the Name Reg Ex field.
  5. Enter Finance into the Application field.
  6. Select Exact Application from the Application Rule dropdown list.
  7. Click Save & Close.
  8. Navigate to Definitions > Chains.
  9. Click .
  10. Click the Chain Definition tab.
  11. Enter JCprdFinQtrRep into the Name field and select the Application named Finance.
  12. Click Save.
  13. Without closing the editor window, return to the main window and navigate to Auditing > Audit Trail. Note the new entry for the creation of the Chain Definition.
  14. Click if you do not see the new entry.
  15. Return to the Chain Definition editor window and add a Step and a process with the System_Info Process Definition.
  16. Click Save & Close.
  17. In the main window, note the new entries in Audit Trail. Choose Revert to before change from the context menu of the Modified entry of the Chain Definition.
  18. Navigate to Definitions > Chains and inspect the Chain Definition. Note that the Step and the process have vanished.

Tabs and Fields

The following table describes the fields in of each tab of Audit Rule pop-up windows.

Tab Field Description
Audit Rule Rule Object Type Type of object to audit.
Audit Rule Level The level of the auditing (Diff Only or Full Audit).
Audit Rule Name Pattern The name pattern to match objects to be audited.
Audit Rule Name Pattern Match Type The type of match (glob pattern or regular expression) in case-sensitive or insensitive mode.
Audit Rule Application Rule

A rule that lets you match objects based on which Application they belong to.

  • All Objects: Matches any object, regardless of whether it is assigned to an Application.

  • Any Object In An Application: Matches an object if it is assigned to any Application.

  • Exact Application: Matches objects assigned to the specified Application.

  • No Application: Matches an object if it is not assigned to an Application.

  • Sub Application: Matches an object if its assigned Application is a child Application of the Application specified in the Application field.
Audit Rule Application to Match Name of the Application to match.
Audit Rule Partition Pattern The Partition name pattern to match.
Audit Rule Partition Pattern Match Type The type of match (glob pattern or regular expression) in case-sensitive or insensitive mode.
Audit Rule Enabled Enables or disables the audit rule.
Security * Lets you specify who can access/change/remove the audit rule.

Audit rules support the following context menu actions.

Action Description
Edit Security Edit the security of the audit rule.
Delete Delete the audit rule.
Export > Export Export the audit rule into a CAR file.
Export > Export with related objects Export the audit rule into a CAR file including referenced objects.
Promote > Promote to system Promote the object to a remote system.
Promote > Edit further then promote Edit the Export Rule Set prior to promoting.
Promote Promote the audit rule to another Redwood Server instance.
Edit Edit the audit rule.
Disable Disable the audit rule.
New audit rule Create a new audit rule.

The actions are available for audit entries in the audit trail are as follows.

Action Description
Restore to before change Undo the selected and all subsequent changes.
Restore to after change Undo all subsequent changes to the object; in other words restore the object to the state it was after the selected change.
Expand All Expand all audit trail entries in the current filter.
Filter > New Filter Create a new audit trail filter.
Filter > Edit Filter Edit current audit trail filter.
Filter > Delete Delete current audit trail filter.

There are different ways of searching by time:

  • hh:mm: Without a range, the default range is +/- 15 minutes.
  • hh:mm:ss: Without a range, the default range is +/- 1 minute.
  • hh:mm-hh:mm or hh:mm:ss-hh:mm:ss: The range is from start time to end time.

Security

The privileges available in the Security tab are as follows.

For more information, see Security Tab.

Privilege Description
AuditingRule.Create Lets you create auditing rules.
AuditingRule.Delete Lets you delete auditing rules.
AuditingRule.Edit Lets you edit auditing rules.
AuditingRule.View Lets you view auditing rules.