audit

Maintaining audit log for entities split across multiple tables

回眸只為那壹抹淺笑 提交于 2019-12-05 02:07:41
问题 We have an entity split across 5 different tables. Records in 3 of those tables are mandatory. Records in the other two tables are optional (based on sub-type of entity). One of the tables is designated the entity master. Records in the other four tables are keyed by the unique id from master. After update/delete trigger is present on each table and a change of a record saves off history (from deleted table inside trigger) into a related history table. Each history table contains related

Audit trails and implementing SOX/HIPAA/etc, best practices for sensitive data

岁酱吖の 提交于 2019-12-05 01:10:11
问题 I consider myself to be relatively proficient in terms of application design, but I've never had to work with sensitive data. I've been wondering about what the best practices were for audit trails and how exactly one should implement them. I don't have to do it right now, but it'd be nice to be able to confidently talk with a medical company if they ask me to do some work for them. Let's say we have a "school" database, with 'teachers', 'classes', 'students' all normalized in a many-to-many

How would I use an audit trail to display which fields have ever been edited?

女生的网名这么多〃 提交于 2019-12-04 21:50:37
问题 For a project I am working on, I have been asked to create an audit trail of all changes that have been made to records. This is the first time I have had to create an audit trail, so I have been doing a lot of research on the subject. The application will be developed in PHP/MSSQL, and will be low-traffic. From my reading, I have pretty much decided to have an audit table and use triggers to record the changes in the table. The two requirements for display in the application are as follows:

How to implement Auditing/versioning of Table Modifications on PostgreSQL

佐手、 提交于 2019-12-04 11:41:31
问题 We're implementing a New system using Java/Spring/Hibernate on PostgreSQL. This system needs to make a copy of Every Record as soon as a modification/deletion is done on the record(s) in the Tables(s). Later, the Audit Table(s) will be queried by Reports to display the data to the users. I was planning to implement this auditing/versioning feature by having a trigger on the table(s) which would make a copy of the modified row(deleted row) "TO" a TABLE called ENTITY_VERSIONS which would have

Enterprise Data Auditing [closed]

纵然是瞬间 提交于 2019-12-04 05:33:35
Our current enterprise solution is a ASP.NET MVC application driven by the Entity Framework. There are a couple links on how to hook into the change events for auditing. I'm not really interested in this. I'm interested in enterprise level auditing architecture. Those of you with the enterprise level battle wounds, what has been your auditing solutions? Do you serialize objects in databases in a framework. Are you setting up database triggers to audit tables? Do you use a separate database all together so your audit growth doesn't affect your app database? I'm interested in the tried and true

How can I customize the AuditingHandler injected by Spring-Data when using Auditing?

拟墨画扇 提交于 2019-12-04 05:28:29
I'm using Spring Data 1.5 and Auditing. Part of the AuditingEntityListener has a setAuditingHandler method. How can I customize the AuditingHandler and instruct Spring-Data to inject my custom handler instead of the default org.springframework.data.auditing.AuditingHandler ? I've tried instantiating my own AuditingEntityListener in which I inject my own Handler, but that is not doing the job. The default handler is still being injected. I've tried both via XML configuration and JavaConfig to see if one worked better than the other, but neither way works. JavaConfig: @Configuration

How to find out IP address of a given push event in Gitlab

拟墨画扇 提交于 2019-12-04 05:22:19
问题 It's quite easy to impersonate another user in Gitlab. See this topic for more details. It's possible to find out which user performed a push by examining "Activity" log of a repository. But for audit purposes I'd also like to know the IP address from which the push was done. Is it possible in Gitlab CE/EE? 回答1: Pushes done through HTTP(S) You can examine access logs of nginx ( nginx/gitlab_access.log ): 192.168.21.150 - johndoe [19/Dec/2016:08:05:58 +0100] "POST /TEST/test.git/git-receive

When do triggers fire and when don't they

好久不见. 提交于 2019-12-04 03:37:25
Pretty general question regarding triggers in SQL server 2005. In what situations are table triggers fired and what situations aren't they? Any code examples to demonstrate would be great. I'm writing a audit based databases and just want to be aware of any situations that might not fire off the triggers that I have set up for update, delete and insert on my tables. A example of what I mean, UPDATE MyTable SET name = 'test rows' WHERE id in (1, 2, 3); The following statement only fires the update trigger once. Eric When do you want them to fire? CREATE TRIGGER AFTER ACTION That runs after the

Passing ClientInfo/ClientIdentifier on syscontext/connection with Hibernate for audit purposes

…衆ロ難τιáo~ 提交于 2019-12-04 02:35:06
问题 I have a web service which processes inserts/updated data to DB. When client calls this webservice, UserId (currently logged in user to portal) will be sent in Request. I need to pass this userId to Db connection or set it in sys context for Audit purpose . we have existing audit tables and triggers to inserts/updates to Audit table after insert/update on actual table. So to track these changes I need to pass this UserId somehow to connection so that it can be retrieved from DB from Sys

Business Audit log - recommended library or approach? [closed]

[亡魂溺海] 提交于 2019-12-03 23:58:02
do you know any good Java library for audit logging? Or at least good book/article to help choose good approach to build audit log for an application? Library requirements: - define common audit metadata (userId, time, IP, ...) - define audit message types (transaction sent, message received, ...) - lock/sign individual audit messages (for non-repudiation) - search audit log based on metadata - etc. Edit: I'm not looking for automated solution, I'm perfectly happy with calling something like: AuditEvent event = new TransactionSentEvent(userId, account, amount, ...) AuditLog.audit(auditEvent);
订阅 audit