|
<< Click to Display Table of Contents >> Navigation: Concordance > Concordance Administration > Security > Exporting Security Logs |
Security logging generates an audit trail of all changes to the security settings of a Concordance database. The log includes changes to user logins and permissions, importing or exporting security settings, and the start and end of security sessions.
Security logging is database-centered. Each Concordance database has its own security log, so only the actions affecting the security for the specific database are recorded in that database's security log.
Security logging occurs for a database when:
•An administrator in Concordance opens the Security dialog and makes changes to the security settings.
•An administrator in the Concordance FYI Admin Console opens the Management tab and adds or deletes a user from a database, or changes the password for a user belonging to a database.
You can view a database's security log by exporting the log and viewing the log file in Microsoft Excel. Exporting a Concordance database's security log generates the <database>_SecurityLog_Dump.csv file. The .csv file's text format is in the Unicode Standard. Fields are tab-delimited. Exporting a security log copies the information to a file, but does not delete the information from the log.
Security logging is enabled by default for new databases. If you have an existing Concordance database you want to generate security logs, you need to enable security logging for the database. The DumpSLog.exe utility can enable or disable security logging for a database using the /enable or /disable parameter. When you disable security logging for a database, the utility deletes all existing security log information for the database.
The DumpSLog.exe file must be downloaded onto your computer before you can export security logs or enable or disable security logging using the DumpSLog utility. Contact Concordance Technical Support to download the utility.
1.On the Start menu, click Run to open the Run dialog box.
2.Type cmd in the Open field and click OK to open a Windows command prompt.
3.Navigate to the folder containing the DumpSLog.exe file.
4.At the command prompt type DumpSLog "[database path and name]" /enable and then press Enter. Be sure to type quotation marks around the database directory in the command. For example, DumpSLog "C:\Program Files\CloudNine\Concordance 10\Database\COWCO" /enable
1.On the Start menu, click Run to open the Run dialog box.
2.Type cmd in the Open field and click OK to open a Windows command prompt.
3.Navigate to the folder containing the DumpSLog.exe file.
4.At the command prompt type DumpSLog "[database path and name]" /disable and then press Enter. Be sure to type quotation marks around the database directory in the command. For example, DumpSLog "C:\Program Files\CloudNine\Concordance 10\Database\COWCO" /disable
When security logging is disabled in a database, on the Security log tab in the Security dialog box in Concordance, the Export security log button is disabled the and following message is displayed at the bottom of the Security log tab: Security logging is not enabled for this database.
There are two ways to export the security log. You can export the file from:
•Concordance on the Security log tab of the Security dialog
•A Microsoft Windows command line using the DumpSLog utility. This option can be used if you want to dump security log information using a script, unattended, or in a batch process. The DumpSLog.exe file must be downloaded onto your computer before you can export security logs or enable or disable security logging using the DumpSLog utility. Contact Concordance Technical Support to download the utility.
1.Open the database in Concordance.
2.On the File menu, point to Administration, and click Security. The Administration dialog displays.
3.In the User field, type the administrator user ID.
4.In the Password field, type the administrator password.
5.Click OK to open the Security dialog box.
6.Click the Security log tab. The Destination file displays where the <database>_SecurityLog_Dump.csv log file will be created. The Destination file defaults to the directory where the database files are stored. You can edit the log file destination and file name.
7.Click Export security log to generate the <database>_SecurityLog_Dump.csv log file.
8.When the export finishes, the number of rows exported is displayed below the Export security log button.
1.On the Start menu, click Run to open the Run dialog box.
2.Type cmd in the Open field and click OK to open a Windows command prompt.
3.Navigate to the folder containing the DumpSLog.exe file.
4.At the command prompt type DumpSLog.exe and then press Enter.
5.The DumpSLog Help dialog opens and displays the DumpSLog utility's command syntax and examples. The DumpSLog utility allows dumping security log information using a script, unattended, or in a batch process. Determine what options you want to use to generate the security log.
5.Click OK to return to the command prompt.
6.Type the security log command you want to use and press Enter. Be sure to type quotation marks around the database directory in the command. For example, DumpSLog "C:\Program Files\CloudNine\Concordance 10\Database\COWCO"
7.The <database name>_SecurityLog_Dump.csv log file is created in the same directory as the database.
Security logs should be purged on a regular basis for optimal database performance. Security logging information is stored in a table within the .trk file, and if the security log becomes too large, it can slow down the overall performance of the database. The DumpSLog.exe utility can delete database security logs using the /purge parameter. When you purge a databases security log, the utility deletes all existing security log information for the database.
1.On the Start menu, click Run to open the Run dialog box.
2.Type cmd in the Open field and click OK to open the Windows command prompt.
3.Navigate to the folder containing the DumpSLog.exe file.
4.At the command prompt type DumpSLog "[database path and name]" /purge and then press Enter. Be sure to type quotation marks around the database directory in the command. For example, DumpSLog "C:\Program Files\CloudNine\Concordance 10\Database\COWCO" /purge
The security log contains the following fields:
•RowID
•UniversalTime
•UserID
•UserDomainLogin
•UserComputerName
•UserIDAffected
•EventName
•EventDetail
Security Log Event Types:
EventName |
EventDetail (with sample data) |
|---|---|
FieldRights |
STARTPAGE:RW,ENDPAGE:R-. |
MenuAccess |
Disabled: FILE |
UserDeleted |
SmithJH, Legal/SmithJH |
UserAdded |
SmithJH, Legal/SmithJH |
RightsExport |
To: <file path> |
RightsImport |
Begin import from: <file path> |
RightsImport |
End import from: <file path> |
SessionStarted |
Settings: SecurityEnabled=0 LogonRequired=0 |
SessionEnded |
Settings: SecurityEnabled=0 LogonRequired=0 |