Auditing?

In chapter 12 of the Resource and Security guide it talks about using user_ids for database authentication instead of a privileged ID. Has anyone done this and if so how well does it work?

Hi Matt,
As you probably know, Lawson Security 9 can audit these:

- Changes made to the security configuration

- Access denials (such as invalid attempts to use HR11)

The security logs in $LAWDIR/system will track user activity, but you have to turn auditing on for that user and read through these rather challenging log files (thousands of lines can be generated for pulling up a list of vendors and viewing an invoice, for example).

I understand that this information is also captured in WebSphere logs, but there is still the issue of how to collect useful information out of the masses of logged data.

Other than those, I’ve looked for years and haven’t been able to find anything delivered by Lawson for this.

If you’re interested in tools written by a Lawson partner company, Kinsey & Kinsey has software that does this:

The Listener (used as part of Kinsey’s automatic Lawson Security build) tracks who connects to which screens and what function code they used, with security classes and a variety of reports showing all of that.

Transaction Auditing – captures before and after values for any field in any screen that you wish to track, together with who, how they connected, date, time, etc.

Best regards,
Dave
(303) 773-3535