6.3 Administration Events that Can Be Audited
The elements that can be monitored are accessible under the root element in the pane.
Audit alarms can be generated for most elements. Table 6-1 describes the administration features with auditing options.
Table 6-1 Administration Features with Auditing Options
|
Administration Feature |
Description |
|---|---|
|
Administration |
Tracks when a script executed on the Operations Center server creates an Audit event. |
|
Adapters |
Tracks creating, deleting, updating, starting and stopping adapters; storing log information; executing scripts; reading seedfiles; processing hierarchy files; and, changing adapter status. |
|
Audit Definitions |
Tracks changes made in enabling or disabling audit functions globally and storing audit data in the Event Data Store. |
|
Automations |
Tracks server-side script executions and errors. |
|
Calendars, Schedules |
Tracks creating, updating, and deleting calendars and schedules, and adding, removing, and updating calendar items. |
|
Console Definitions |
Tracks creating, deleting, and updating definitions. |
|
Database Definitions |
Tracks creating, updating, deleting, enabling, disabling, and reinitializing the schema. |
|
Data Warehouse |
Tracks updating the Warehouse properties, starting and stopping the Warehouse engine, and clearing the backup repository queue, as well as changes to SLA definitions (if BSLM is licensed). |
|
Jobs |
Tracks creating, updating, enabling, deleting, and running jobs. |
|
Operation Definitions |
Tracks creating, deleting, updating, and executing operations. |
|
Profiles and Expressions |
Tracks the creating, updating, and deleting profiles and expressions, as well as starting and stopping profiles and purging the queue of data not yet written to the database. |
|
Saved Analyses |
Tracks saved and deleted analyses (Analyses are available if BSLM is licensed). |
|
Security |
Tracks changes to users, groups, and access control permissions. |
|
Server |
Tracks configuration storage messages, log messages (nonadapter based), and server memory violation messages. Auditing of server log messages can cause significant increases in the amount of audit data stored. |
|
Time Categories |
Tracks updating time categories. |
|
User Sessions |
Tracks users logging in or logging out, and the callback queue status. |
|
View Builder Repository |
Tracks updating, importing, exporting, deleting, and executing View Builder files. |
|
Web Server |
Tracks starting, stopping, and restarting the Web server, as well as updating and restoring the Portal, and removing archived portal configurations. |
The following figure shows audit events for the element. The audit identifies various warnings for memory thresholds and changes to audit settings for the Operations Center server.
Figure 6-1 Alarms View
Audit alarms provide columns of information described in Section 6.7, Viewing Audit Events.
To enable and use Audit features:
-
Enable audit functions globally and set the maximum number of audit alarms to store in memory.
By default, auditing is disabled. Optionally enable storing audit events in the Service Warehouse to maintain a historical record. See Section 6.4, Globally Enabling Auditing and Storage of Audit Events.
-
Select the events to be audited for individual elements. See Section 6.5, Auditing Administration Elements.
-
View audit alarms by using the Alarms view. See Section 6.7, Viewing Audit Events.