ServoyCloud Support Samples Open Source Community

Audit Logging

Last updated 21 hours ago

Was this helpful?

Audit Logging

Overview

Audit logging in Servoy enables tracking and recording of key events related to database tables, including data changes (inserts, updates, deletes) and data access (selects). This information is stored in a designated log table, which can reside in the same or a separate database server.

By configuring audit logging, developers can:

Ensure Compliance: Meet regulatory requirements like the HIPAA Security Rule by tracking data views and changes.
Monitor Data Changes: Capture and analyze changes to the data for debugging, operational insights, or analytics.
Use Audit Log Data: Build forms against the log table, allowing users to review historical data changes or access modified records.

The log table is a standard database table, and its structure provides detailed tracking, including timestamps, action types (e.g., insert, update, delete, view), affected tables and columns, and user identifiers. Developers can also configure client statistics logging to track user connections and disconnections, enhancing system monitoring.

Performance Note: Logging introduces a performance impact, especially for high-traffic solutions. Using a separate database for the log table can help mitigate this impact by optimizing for insert operations and enabling independent backup or archiving strategies.

Configuring Audit Logging

To enable and configure audit logging in Servoy, follow these steps:

Set up a Log Server:
- Go to the database server configuration page in Servoy Developer.
- Select a database server to act as the log server, check the Log Server option and save the change
- Click the Create Log Table button to generate a log table in the selected database server.
Note: Using a separate database server for the log table can improve performance and allow for optimized backup or archiving strategies.
Enable Table Tracking:
- Open the desired table in the table editor.
- Navigate to the Security tab.
- Under the selected group's table settings, enable:
  - Tracking (Insert/Update/Delete) to log changes such as adds, edits, or deletes.
  - Tracking (Select) to log data reads or views.
Log Configuration Recommendations:
- Use a separate database for the log table if performance is critical.
- Optimize the log database for insert operations, as most audit logging involves adding new records.
- Plan a strategy for backing up or archiving large log tables.

Using Audit Log Data

The audit log data is stored in a table called log, which is a standard database table. Developers can build forms or scripts to interact with this data, making it accessible for reporting or troubleshooting.

Below are the columns in the log table and their descriptions:

Column

Description

event_time

The timestamp of the event (insert, update, delete, or select).

log_id

A unique, auto-incrementing identifier for the log record.

log_action

The action type: 1=delete, 2=insert, 3=update, 4=view.

server_name

The name of the database server where the action occurred.

table_name

The name of the affected table.

column_name

The name of the affected column (if applicable).

pk_data

The primary key data of the affected record.

old_data

The value of the data before the change (null for views).

new_data

The value of the data after the change or the viewed data.

user_uid

The unique identifier of the user who performed the action.

Tip: This table can be used to access and restore any changed record in the database.

Logging Client Statistics

Servoy also logs client connections and disconnections in a table called client_stats.

This table can be created by clicking the Create Client Statistics Table button in the log server editor.

By default, this feature is enabled and tracks the following information:

Column

Description

pk_id

A unique identifier for the log entry.

server_ip

The IP address of the Servoy Application Server.

server_name

The hostname of the server.

total_clients_running

The number of active clients at the time of the log entry.

client_id

A unique identifier for the client.

start_time

The timestamp when the client connected.

stop_time

The timestamp when the client disconnected.

extra_info

A column used to detect alterations to the logging data.

user_uid

The unique identifier of the logged-in user.

Managing Client Statistics Logging

Enable/Disable

This logging is enabled by default but can be disabled in the admin page under "Admin Settings":

Primary Key Configuration

By default, servoy-sequence is used for key generation, but it can be customized to use UUIDs or database-sequence.

PreviousRuntime Permissions NextOAuth

Last updated 21 hours ago

Was this helpful?

Overview

By configuring audit logging, developers can:

Ensure Compliance: Meet regulatory requirements like the HIPAA Security Rule by tracking data views and changes.
Monitor Data Changes: Capture and analyze changes to the data for debugging, operational insights, or analytics.
Use Audit Log Data: Build forms against the log table, allowing users to review historical data changes or access modified records.

Configuring Audit Logging

To enable and configure audit logging in Servoy, follow these steps:

Set up a Log Server:
- Go to the database server configuration page in Servoy Developer.
- Select a database server to act as the log server, check the Log Server option and save the change
- Click the Create Log Table button to generate a log table in the selected database server.
Note: Using a separate database server for the log table can improve performance and allow for optimized backup or archiving strategies.
Enable Table Tracking:
- Open the desired table in the table editor.
- Navigate to the Security tab.
- Under the selected group's table settings, enable:
  - Tracking (Insert/Update/Delete) to log changes such as adds, edits, or deletes.
  - Tracking (Select) to log data reads or views.
Log Configuration Recommendations:
- Use a separate database for the log table if performance is critical.
- Optimize the log database for insert operations, as most audit logging involves adding new records.
- Plan a strategy for backing up or archiving large log tables.

Using Audit Log Data

Below are the columns in the log table and their descriptions:

Column

Description

event_time

The timestamp of the event (insert, update, delete, or select).

log_id

A unique, auto-incrementing identifier for the log record.

log_action

The action type: 1=delete, 2=insert, 3=update, 4=view.

server_name

The name of the database server where the action occurred.

table_name

The name of the affected table.

column_name

The name of the affected column (if applicable).

pk_data

The primary key data of the affected record.

old_data

The value of the data before the change (null for views).

new_data

The value of the data after the change or the viewed data.

user_uid

The unique identifier of the user who performed the action.

Tip: This table can be used to access and restore any changed record in the database.

Logging Client Statistics

Servoy also logs client connections and disconnections in a table called client_stats.

This table can be created by clicking the Create Client Statistics Table button in the log server editor.

By default, this feature is enabled and tracks the following information:

Column

Description

pk_id

A unique identifier for the log entry.

server_ip

The IP address of the Servoy Application Server.

server_name

The hostname of the server.

total_clients_running

The number of active clients at the time of the log entry.

client_id

A unique identifier for the client.

start_time

The timestamp when the client connected.

stop_time

The timestamp when the client disconnected.

extra_info

A column used to detect alterations to the logging data.

user_uid

The unique identifier of the logged-in user.

Managing Client Statistics Logging

Enable/Disable

This logging is enabled by default but can be disabled in the admin page under "Admin Settings":

Primary Key Configuration

By default, servoy-sequence is used for key generation, but it can be customized to use UUIDs or database-sequence.