Key takeaways from this blog:
What is Documentum Audit Management?
In the realm of document management and security, Documentum Audit Management stands as an alert beacon, keeping a vigilant watch over every event within a repository or application. Let's uncover the layers of this powerful tool and explore how it not only ensures security but also offers unparalleled insights into organizational workflows.
Understanding the Scope of Audit Information:
Audit information serves a myriad of purposes, offering the ability to:
It's essential to note that effective audit management requires extended user privileges, and the Audit Management page can be accessed through the Administration menu.
Audit events:
An event is something that happens to an object in the repository, or an operation defined as an event by a user-written application. There are two types of events:
System events are events that Content Server recognizes and can audit automatically. For example, checking in a document can be an audited system event. When an audited system event occurs, Content Server automatically generates the audit trail entry. Documentum provides a large set of system events that are associated with API methods, lifecycles (business policies), workflows, and jobs.
Application events are events that are recognized and audited by client applications. For example, a user opening a particular dialogue can be an audited application event. To audit application events, an application must recognize when the event occurs and create the audit trail entry programmatically. Application events are not recognized by Content Server.
The Anatomy of Audit Trails:
An audit trail is a recorded history of event occurrences that have been marked for auditing. Each occurrence is recorded in one audit trail record. The server stores audit trail records as objects in the repository. Auditing an event stores pertinent data in the audit trail object, such as when the event occurred and what object was involved. Audit trail entries are generated after auditing is set up and can consume considerable space in the repository. Therefore, audit trail entries should be removed from the repository periodically.
Audit Properties:
Once the properties are registered, the property name and new value are recorded in the attribute list property of the audit trail entry. Old property values are only included automatically if the audit old values property in the docbase config object is enabled. The property name and old value are recorded in the attribute_list_old property of the audit trail entry. The audit_old_values property is enabled by default. If the audit_old_values property is disabled, the audit trail entry does not record changes to properties unless they are specifically registered for auditing when the event is registered. Aspect attributes can also be audited. Auditing is available for aspect attributes, attached to SysObject, user, group, and acl objects, and any of their associated subtypes; Auditing aspect attributes requires that auditing is also enabled for the object type or subtype.
Default Audited Events:
Content Server audits the following events by default:
Configuring Auditing:
Documentum offers three approaches to auditing:
Audit Management Job:
The Audit Management tool automates the removal of unneeded audit trail entries, enhancing performance. It runs under the Documentum installation owner's account and requires Purge Audit privileges. Guidelines for configuring cutoff days and custom predicates help manage the deletion of audit trail objects efficiently.
To summarize:
Documentum's Audit Management is a powerful tool for organizations seeking to bolster security, monitor activities, and gain insights into their repositories. By understanding the nuances of auditing, organizations can tailor their approach to meet specific security and compliance requirements. Regular maintenance and thoughtful configuration ensure that audit trails remain effective without overwhelming the repository. With security and strategic insights at its core, Documentum Audit Management emerges as a cornerstone in the realm of document management systems.
Next Reading