An audit Trail refers to a security-relevant chronological record/s or a source of records that provide evidence in the form of documentation of a specific operation, procedure, or event.
In the OvalEdge application, the Audit Trail helps you to understand the history of activities performed within OvalEdge. With the Audit Trails, you can understand who had done a particular activity, when it was done, and analyze the activity summary.
You can navigate to Audit Trail via, Administration > Audit Trail.
You can audit the following activities:
- Users (Logins & User Roles)
- Catalog (Terms, Tags, Data objects, Codes, and Custom Fields)
- Connectors
- Remote (Roles, Users, Policies, Object Privileges, and Object Policies)
- Governance Catalog (Tags, Terms, and Domains)
Users
The User Audit Trails display the activities related to the user logins and user roles.
User- Logins
Whenever a user logs in, details such as login ID, IP address, Login time, logout time and duration (in mins), and login status (success/failed attempt) are recorded and displayed on the Administration > Audit Trail > User - Logins Page.
Example: Peter Scot, an OvalEdge application user logs in to the application on 2nd September 2022, 11:41:22 am, and logs out at 12:12:10 pm. The audit trails for Logins display the following
|
Login ID |
IP Address |
Login Time |
Logout Time |
Duration |
Login Status |
|
Peter Scot |
123.12.124.14 |
11:41:22 am |
12:12:10 pm |
00:30:48 |
Success |
The results can be sorted by Login ID, IP address, Login Time, Logout Time, and Duration in both ascending and descending order.
User- User Roles
Whenever the roles related to a user are changed, details such as User ID (user for whom roles are changed), Updated Roles (new or modified roles), Updated By (the user who has made the changes), Updated On (date and time) and Action (add/delete) are recorded and displayed here.
Example: Peter Scot is an OvalEdge application user, and the OE_ADMIN and MRDW roles were assigned to him initially. Now Peter has added the OE_PUBLIC role to himself and deleted MRDW Role on 2nd September 2022 at 12:43:45 pm. So the Audit Trail for the User Roles displays the following:
|
User ID |
Updated Roles |
Updated By |
Last Updated Date |
Action |
|
Peter Scot |
OE_PUBLIC |
Peter |
2022-09-02 12:43:45 pm |
ADD |
|
Peter Scot |
MRDW |
Peter |
2022-09-02 12:43:45 pm |
DELETE |
You can sort the results by User ID and Updated On fields in both ascending and descending order.
Catalog
The Catalog Audit Trails display the action performed with the Terms, Tags, Data Objects, Queries, and Custom Fields.
Catalog- Terms
Whenever a term is associated or disassociated from an object, details such as object name, object type, term, action, updated by, and audit date (date and time when the changes are made) are recorded and displayed on the Audit Trail > Catalog > Terms.
The results can be sorted by Object Name, Object Type, Term, and Audit Date fields in ascending and descending order.
Example: Peter Scot is an OvalEdge application user, and he has associated the term 100% marks (the term is from the Education domain) to the IPEDS report and removed the term School (the term is from the Education domain) from the data object Student_Identifier Table Column on 9th Sept 2022 at 06:20:40 pm. So the Audit Trail for the Catalog-Terms will be as follows
|
Object Name |
Object Type |
Term |
Action |
Updated By |
Audit Date |
|
IPEDS |
Report |
Education.100% mark |
ADD |
Peter.scot@ovaledhe.com |
2022-09-02 06:20:40 pm |
|
Student_identifier |
Table Column |
Education.School |
DELETE |
Peter.scot@ovaledhe.com |
2022-09-02 06:20:40 pm |
Catalog- Tags
Whenever a tag is associated or disassociated from an object, details such as object name, object type, tag, action, updated by, and audit date (date and time when the changes are made) are recorded and displayed on the Audit Trail > Catalog > Tags.
The results can be sorted by object name, object type, tag, and audit date fields in ascending and descending order.
Example: Peter Scot is an OvalEdge application user, and he has associated the tag tagger to the bhg report and removed the tag tag223 from the data object Student_Identifier Table Column on 9th Sept 2022 at 06:20:40 pm. So the Audit Trail for the Catalog-Tags will be as follows
|
Object Name |
Object Type |
Tag |
Action |
Updated By |
Audit Date |
|
bhg |
Report |
tagger |
ADD |
Peter.scot@ovaledhe.com |
2022-09-02 06:20:40 pm |
|
Student_identifier |
Table Column |
tag223 |
DELETE |
Peter.scot@ovaledhe.com |
2022-09-02 06:20:40 pm |
Catalog- Data Objects
The Data Objects tab displays the changes performed to the data objects, such as insertion, deletion, or updating. It displays the connection name, object type, object Id, object name, and action; the property changed, the property changed to, Updated by, and updated on (date and time when the changes are made).
Note: For any object type, Audit Trails > Data objects will also record the insertions and deletions of users (users with defined governance roles). So, the audit trail will record the changes whenever a user updates the governance roles.
Example: The owner of the Cali vs Texas report is changed from Harry to Peter Scot by Scot on 9th Sept 2022 at 06:20:40 pm. So the Audit Trail for the Catalog-Data Objects will be as follows
|
Connection Name |
Object Type |
Object Id |
Object Name |
Action |
Property Changed |
Property Changed to |
Updated By |
Updated On |
|
Tableau |
Report |
1000 |
Cali vs Texas |
UPDATED |
Owner |
Peter Scot |
Peter scot |
2022-09-02 06:20:40 pm |
|
Tableau |
Report |
1000 |
Cali vs Texas |
DELETED |
Owner |
Harry |
Peter scot |
2022-09-02 06:20:40 pm |
Catalog- Codes
Whenever you execute or download a query, the audit date is recorded and displayed in Audit Trail > Catalog > Queries with the code name, Code, Username of who has executed the query, type of query (for example, SQL), query name, and the query (for example, insert query).
Catalog- Custom Fields
Displays the Custom field-associated object and audit details for any update in the custom fields.
The object name field displays the associated data object name and the hyperlink, navigating to the Data object summary page.
Note: Audit Trail > Catalog is implemented with the ‘Custom Field’ tab to capture the value changes done to the custom field type.
Connectors
The Crawler Audit Trails record the details such as Connection Name, Connection Type, Action, Updated By, Audit Date, and Created By, in case of addition or deletion of a connection to the application.
Example: If you have added an S3 connection to your application, the crawlers page will display the information mentioned below.
|
Connection Name |
Connection Type |
Action |
Updated By |
Audit Date |
Created Date |
|
S3 |
File |
ADD |
Admin |
2022-05-27 06:41:24 pm |
Admin |
The results can be sorted by connection name and audit date fields in both ascending and descending order.
Remote
The remote Audit trails display the changes made in the connection at the source/remote with respect to Roles, Users, Policies, Object Privileges, and object Policies.
Remote - Roles
Whenever remote roles are added or removed in the remote connection (Such as Snowflake), Remote Role, OvalEdge Role, Source, Action taken (added or removed), Remarks, Updated By (the user who has made the change), and Audit Date are recorded and displayed on the Audit Trail > Remote > Roles.
Remote - Users
Whenever remote users with a small role are added or removed with respect to remote connection (Such as Snowflake), Remote User, OvalEdge User, Remote Roles, Source, Action taken (added or removed), Remarks, Updated By (the user who has made the change) and Audit Date are recorded and displayed Audit Trail > Remote > Users.
Remote - Policies
Whenever remote policy gets added or removed with the privileges to create a masking policy in the remote connection (Such as Snowflake), Schema Name (Name of schema for which is policy is added or removed), Policy Name, Source Code, Action taken (policy added or failed), Remarks, Updated by (the user who has made the change) and Audit Date are recorded and displayed on the Remote > Policies tab.
Remote - Object Privileges
Whenever any changes are made to the Privileges (Added or deleted) for a specific Data Object in the Remote Connection, the Connection Name, Object Name, Object Type, Privilege (Create, Select, Usage, View details), Access to, Access to Type, Action, Remarks, Updated By and Audit date are displayed on the Remote > Object Privileges. It refers to the permissions available for the Data Object
Remote - Object Policies
The Objects associated with remote policies are displayed on the Remote > Object Policies tab along with the Connection Name, Schema Name, Object Name, Object Type, Policy Name, Action was taken, Remarks, Updated By, and Audit Date.
Governance Catalog
Catalog- Tags
Whenever a tag is created or deleted in the Tags module, details such as Tag name, Tag type (Non-assignable Tags, Data asset group, and Tags), action, action details, updated by, and audit date are recorded and displayed on the Audit Trail > Governance Catalog > Tags.
The results can be sorted by Tag Name, Tag Type, Action, Action Details, and Audit Date in ascending and descending order.
Example: Peter Scot, an OvalEdge application user created a testtag, and then deleted the same tag on 9th Sept 2022 at 06:20:40 pm. So the Audit Trail for the Governance Catalog-Tags will be as follows
|
Tag |
Type |
Action |
Action Details |
Updated By |
Audit Date |
|
testtag |
Tag |
ADD |
testtag tag Added |
Peter.scot |
2022-09-02 06:20:40 pm |
|
testtag |
Tag |
DELETE |
testtag tag Deleted |
Peter.scot |
2022-09-02 06:20:40 pm |
Catalog- Terms
Whenever a term is created or deleted in Business Glossary, details such as Term, action, action details, updated by, and audit date are recorded and displayed on the Audit Trail > Governance Catalog > Terms.
The results can be sorted by Term, Action, Action Details, and Audit Date in ascending and descending order.
Example: Peter Scot, an OvalEdge application user created a QA term, and then deleted the same term on 9th Sept 2022 at 06:20:40 pm. So the Audit Trail for the Governance Catalog-Terms will be as follows
|
Term |
Action |
Action Details |
Updated By |
Audit Date |
|
QA |
ADD |
QA term Added |
Peter.scot |
2022-09-02 06:20:40 pm |
|
QA |
DELETE |
QA term Deleted |
Peter.scot |
2022-09-02 06:20:40 pm |
Catalog- Domains
Whenever a domain is created or deleted in the application, details such as Domain, Type, action, action details, updated by, and audit date are recorded and displayed on the Audit Trail > Governance Catalog > Domains.
The results can be sorted by Domain, Type, Action, Action Details, and Audit Date in ascending and descending order.
Example: Peter Scot, an OvalEdge application user created a Banking Domain, and then deleted the same domain on 9th Sept 2022 at 06:20:40 pm. So the Audit Trail for the Governance Catalog-Terms will be as follows
|
Domain |
Type |
Action |
Action Details |
Updated By |
Audit Date |
|
Banking |
Governance_Catalog |
ADD |
Bankng domain Added |
Peter.scot |
2022-09-02 06:20:40 pm |
|
Banking |
Governance_Catalog |
DELETE |
Banking domain Deleted |
Peter.scot |
2022-09-02 06:20:40 pm |
Audit Trail Activities
The Audit Trail details can be archived for better performance of the application. OvalEdge application allows you to archive the data objects in multiple ways.
- Administration > Advanced Job- Audit Data Archival is available in the application to archive the Audit Trail data.
- Administration > Configuration- In the Administration > Configuration > Audit Data Archival, you can add a archival policy to archive the Audit trail details. This feature includes the data retention period to archive the logs for over a period, it could be a month or a year. Once the retention period for a particular data set expires, it will be deleted, and the users have the option to archive the logs in CSV or SQL format. The Audit data Archival Configuration displays the current row count, days to retention, archive before delete, CSV, SQL, and last archive date.
Copyright © 2019, OvalEdge LLC, Peachtree Corners GA USA