Audit
Introduction
BusinessCraft provides comprehensive security and audit capabilities to facilitate the integrity and security of customer data.
A separate guide explains how to set up and administer system security. This guide explains the auditing capabilities in BusinessCraft.
There are 3 levels of auditing in BusinessCraft:
Activity Auditing
System Auditing
Field Auditing
Please note the access to BusinessCraft Auditing is controlled by BusinessCraft User Security to ensure that Auditing is not activated unnecessarily and audit records are not inappropriately purged.
Activity Auditing
Activity Auditing is switched on automatically when BusinessCraft is installed and tracks the users who have accessed the system including login, logout, menu accessed, start time of access, and where applicable end time of access.
Activity Audit Enquiry
To enquire on Activity Auditing records, go to Security Setup > Audit > Activity Auditing > Activity Audit Enquiry and a Range Criteria screen is displayed providing the option to limit the enquiry to Date, Company, User, Module, Menu and/or Type ranges:
Options in the Type field include Menu (A), Report (B), Record (C) and Login/Logout (D).
After setting any required Range Criteria and pressing OK (F12) to proceed, the Activity Audit Enquiry screen is displayed:
| Date | The Date when the Activity occurred. |
| Time | The Time when the Activity occurred. |
| Company | The BusinessCraft Dataset for which the Activity occurred. |
| User | The User Login that triggered the activity. |
| End Time | Where applicable, the Time when the Activity ended. |
| Module | Where applicable, the BusinessCraft Module that was accessed. |
| Menu | Where applicable, the BusinessCraft Menu that was accessed. |
Click the Enquire option in the Menu Sidebar to obtain additional details on the currently selected record:
Activity Audit Report
To report on Activity Auditing records, go to Security Setup > Audit > Activity Auditing > Activity Audit Report and a Range Criteria screen is displayed providing the option to limit the report to Company, User, Date, Module, Menu and/or Type ranges:
Options in the Type field include Menu (A), Report (B), Record (C) and Login/Logout (D).
After setting any required Range Criteria and pressing OK (F12) to proceed, the BusinessCraft Print Selection screen is displayed providing the option to choose how the report will be produced.
In this case, the Browse in Page Viewer option was chosen from the Output Tab and the BusinessCraft Audit report is displayed:
Activity Audit Purge
To purge Activity Auditing records, go to Security Setup > Audit > Activity Auditing > Activity Audit Enquiry and a prompt is provided to proceed or cancel purging:
After clicking Yes to proceed, a prompt is provided for the date up to and including for which records are to be purged:
The system will not permit a purge cut-off date within 30 days of the current date.
After clicking OK and supplying a date that is not within 30 days of the current date, the purge will proceed and on completion return to the BusinessCraft menu.
System Auditing
System Auditing tracks when BusinessCraft Control Records are changed when BusinessCraft is installed. Other tables to be tracked when changed, must be specified.
Setup
To specify files to be included in System Auditing, go to Security Setup > General > System Registry and the System Registry Editor screen is displayed:
Enter/select System (S) in the Registry Type field and activate the Sections (F5) function key to display the System Registry Sections screen:
Position the cursor on the Environment Section and activate the Properties (F5) function key to display the System Registry Properties for the Environment Section:
Position the cursor on the Extended Property and activate the Lines (F5) function key to display the System Registry Properties for the Extended Property:
Check the Properties screen (scrolling down as necessary) for the QAUDFILEACC,Y property. If the property does not exist, scroll to the last record and click the Add option in the Menu Sidebar to create the property. Press enter in the Typ field and the Registry Properties prompt is displayed.
Enter QAUDFILEACC,Y in the space provided in the Registry Properties prompt and click Save.
Check the Properties screen (scrolling down as necessary) for the QAUDFILEACCLST,[filename(s)] property. If the property does not exist, scroll to the last record and click the Add option in the Menu Sidebar to create the property. Press enter in the Typ field and the Registry Properties prompt is displayed:
Enter QAUDFILEACCLST, followed by the file names to be audited - In this case the Employee Master (EMPMASA) and the Supplier Master (VENMASA) - in the space provided in the Registry Properties prompt and click Save.
Optionally, enter QAUDFILEACP,Y to enable recording the program path into the Audit Log File:
For details on auditing specific fields, please refer to the Field Auditing section of this guide.
System Audit Enquiry
To enquire on System Auditing records, go to Security Setup > Audit > System Auditing > System Audit Enquiry and a Range Criteria screen is displayed providing the option to limit a wide range of criteria:
After setting any required Range Criteria and pressing OK (F12) to proceed, the Activity Audit Enquiry screen is displayed:
| Date | The Date when the Activity occurred. |
| Time | The Time when the Activity occurred. |
| Company | The BusinessCraft Dataset for which the Activity occurred. |
| T | The System Audit Record Type. Types include Error (E), Login (L), Fail (F), Menu (M), Appl (A), Company (C) , Info (I), Record (R), Beta (B) and Exception (E). |
| S | The System Audit Record Sub Type. Sub Types include In (I), Out (O), Fail (F) and Error (E). |
| Sub Code | The Type of Program Activity carried out |
| User | The User login that triggered the System Audit record. |
| File | Where applicable, the BusinessCraft File accessed |
| Comment | Contains additional details in delimited format for the audit record. |
Activate the Spec (F5) function key for additional details for the selected audit record.
Activate the Path (F6) function key to see the call path of the program that triggered the selected audit record.
System Audit Report
To report on System Auditing records, go to Security Setup > Audit > System Auditing > System Audit Report and a Range Criteria screen is displayed providing the option to limit the report to a wide range of criteria:
After setting any required Range Criteria and pressing OK (F12) to proceed, the BusinessCraft Print Selection screen is displayed providing the option to choose how the report will be produced.
In this case, the Browse in Page Viewer option was chosen from the Output Tab and the BusinessCraft Audit report is displayed:
System Audit Purge
To purge System Auditing records, go to Security Setup > Audit > System Auditing > System Audit Purge and a prompt is provided for the date up to and including for which records are to be purged:
After clicking OK a prompt is provided to confirm to proceed with the purge:
After clicking Yes, the purge will proceed and on completion return to the BusinessCraft menu.
Field Auditing
Field Auditing is used to track changes to data in specific fields including the user who changed the data, when the data was changed and the old and new value when the change was made.
Setup
To set up fields to be audited, go to File > Security Setup > Audit > Field Audit Setup and a range criteria screen is displayed providing the option to limit the buffers/fields displayed for records already being audited:
After selecting any range criteria, click OK (F12) to proceed and the system will prompt for a buffer and field to be audited, if no fields are already being audited:
If fields are already being audited then, the BusinessCraft audit screen is displayed immediately with the Buffer and Fields subject to field auditing.
To add more fields to Field Auditing, click the Add option in the Menu Sidebar.
Field Audit Enquiry
To enquire on Field Auditing records, go to Security Setup > Audit > Field Auditing > Field Audit Enquiry and a Range Criteria screen is displayed providing the option to limit a wide range of criteria:
After setting any required Range Criteria and pressing OK (F12) to proceed, the Field Audit Enquiry screen is displayed:
| Date | The Date when the Field Value that changed. |
| Time | The Time when the Field Value that changed. |
| Buffer | The BusinessCraft Table containing the field value that changed. |
| Act | The type of change that triggered the Field Audit Record. Options are Add (A), Change (C), Delete (D). |
| Field Name | The BusinessCraft Field name containing the field value that changed. |
| File Key | The record containing the field value that changed. |
| User | The User login that triggered the Field Audit record. |
Activate the Call Path (F5) function key to see the call path of the program that triggered the selected audit record.
Field Audit Report
To report on Field Auditing records, go to Security Setup > Audit > Field Auditing > Field Audit Report and a Range Criteria screen is displayed providing the option to limit the report to a wide range of criteria:
After setting any required Range Criteria and pressing OK (F12) to proceed, the BusinessCraft Print Selection screen is displayed providing the option to choose how the report will be produced.
In this case, the Browse in Page Viewer option was chosen from the Output Tab and the BusinessCraft Audit report is displayed:
Field Audit Purge
To purge Field Auditing records, go to Security Setup > Audit > Field Auditing > Field Audit Purge and a range criteria screen is displayed to define the limits of the purge:
After clicking OK (F12) the BusinessCraft Print Selection screen is displayed providing the option to choose how the purge report will be produced.
In this case, the Browse in Page Viewer option was chosen from the Output Tab and the BusinessCraft Audit report is displayed:
After existing the BusinessCraft Report Viewer, a prompt is provided to continue with the purge:
Click Yes to purge the records and return to the BusinessCraft menu. Click OK to not purge the records and return to the BusinessCraft menu.
Revision 2
7th November 2018