Security Reports For Auditors

 2 Replies
 0 Subscribed to this topic
 68 Subscribed to this forum
Sort:
Author
Messages
tambrosi
Veteran Member
Posts: 55
Veteran Member

    Hello All,  

       Our auditors are asking us to produce a security report that will show users that get a "Security Violation".   We have been looking around but cannot find a report that would satify that criteria.  

    Would somebody know if a report like that is available, or can that data be captured in security log someplace.  I looked thru the security logs, but nothing is really showing up.   

    Any help would sure be appreciated.

    Thanks

    Terry

     

    Brian Allen
    Veteran Member
    Posts: 104
    Veteran Member

      In Lawson Security under Server Management | Server | Auditing + Logging, there's an option for Auditing ON.  If you check the Access Denials option, then going forward you can report on denials from the LSAUDIT table in Logan.  

      If you enable this option, I would monitor the size of LSAUDIT every few months to check it's growth.  We purge older records every 6 months or so.

      tambrosi
      Veteran Member
      Posts: 55
      Veteran Member

        Hi Brian, thanks for the info.   We turned that on and looked at the table---but I am not sure on how to interpret the data.  I was expecting more detail. 

        that user trainlaw2 has very minimal security,  For PR26.1, they are not authorized. 

        On the OBJECT_Secured.PROCLEVEL.trainlaw2---Came thru an HR11 tran where that user can only see certain employees.   

        Is there any doc on that, the LSF manually did not explain it.  

        Any help would be appreciated.

        Thanks

        Terry