Auditing Changes to Lawson Environment

 3 Replies
 0 Subscribed to this topic
 15 Subscribed to this forum
Sort:
Author
Messages
PZ
Basic Member
Posts: 8
Basic Member
    Our company is using LSF 9 and we are trying to implement a program that will allow us to audit changes made to our Lawson environment.  Someone was kind enough to provide us with the syntax to run a UNIX command which pulls a list of all files that have been modified in the "lsfprod" folder for the period we specify.  We have taken that output and filtered the results by file extension but aren't really sure what types of files we should be focusing on and could use some guidance.  Ideally we would like to audit changes made to "critical" areas of the system and know who made the changes.

    Is anyone out there doing something similar?  I searched the forum and couldn't find much on the topic.  We are a NFP on a tight budget so we can't afford to purchase an external solution like the Machensoft product I came across.
    Norm
    Veteran Member
    Posts: 40
    Veteran Member
      Are you specifically talking about the Lawson environment? I consider this to be primarily the folders like GENDIR (and also the Websphere install/deploy directories). Or are you talking about the Lawson application? I consider these to be the source and object files, which tend to be in directories underneath LAWDIR.

      I deal with more audit groups than I can shake a stick at (and I've shaken many a stick in my day). In all cases, they're concerned with the second set of files. We've got many things in place to ensure that only a small group of people (System Admins) can touch those files.

      If you're talking about application files, I'd expect the file extensions you'd be seeing are things like PS, WS, .scr, .rpt for source and .xml and .gnt for objects.

      If you provide me with a bit more detail, maybe I can be of more help. Our approach is that, with the exception of our UNIX administrators (2 people) and our Lawson administrators (2 people), nobody else has the capability of affecting production directly.

      Greg Moeller
      Veteran Member
      Posts: 1498
      Veteran Member
        You may want to check out FCheck available here:
        http://www.geocities.com/fcheck2000/fcheck.html
        Ganram1
        New Member
        Posts: 1
        New Member
          Yes, I think you are on the right track,  this is byfar the most feasible approach I have seen accross a number of my clients.  The other things you can potentially consider are reviewing the sec.log and install.log (there should be a change control or trouble ticket for turning on/off security or an entry to install.log).