Audit Logging

Overview

Audit logging in Servoy enables tracking and recording of key events related to database tables, including data changes (inserts, updates, deletes) and data access (selects). This information is stored in a designated log table, which can reside in the same or a separate database server.

By configuring audit logging, developers can:

Ensure Compliance: Meet regulatory requirements like the HIPAA Security Rule by tracking data views and changes.
Monitor Data Changes: Capture and analyze changes to the data for debugging, operational insights, or analytics.
Use Audit Log Data: Build forms against the log table, allowing users to review historical data changes or access modified records.

The log table is a standard database table, and its structure provides detailed tracking, including timestamps, action types (e.g., insert, update, delete, view), affected tables and columns, and user identifiers. Developers can also configure client statistics logging to track user connections and disconnections, enhancing system monitoring.

Performance Note: Logging introduces a performance impact, especially for high-traffic solutions. Using a separate database for the log table can help mitigate this impact by optimizing for insert operations and enabling independent backup or archiving strategies.

How Audit Logging Works

In Servoy, audit logging captures specific actions performed on database tables — such as inserts, updates, deletes, and even data views — and records them in a special log table. This allows developers or administrators to track how data changes over time and who made those changes.

The system logs these actions automatically only when explicitly enabled, and only for users who have permissions configured for tracking.

Configuring Audit Logging

To enable and configure audit logging in Servoy, follow these steps:

Set up a Log Server:
- Go to the database server configuration page in Servoy Developer.
- Select a database server to act as the log server, check the Log Server option and save the change
- Click the Create Log Table button to generate a log table in the selected database server.

Note:\
Using a separate database server for the log table can improve performance and allow for optimized backup or archiving strategies.

Enable Table Tracking:
- Open the desired table in the table editor.
- Navigate to the Security tab.
- Under the selected permissions' table settings, enable:
  - Tracking (Insert/Update/Delete) to log changes such as adds, edits, or deletes.
  - Tracking (Select) to log data reads or views.
Log Configuration Recommendations:
- Use a separate database for the log table if performance is critical.
- Optimize the log database for insert operations, as most audit logging involves adding new records.
- Plan a strategy for backing up or archiving large log tables.

Application of Permissions

Audit logging is governed by table-level security settings. For each permission type (e.g., administrators, staff, limited users), you can choose whether to track:

Data changes (insert, update, delete)
Data views (select)

These settings are configured in the Security tab of the table editor and apply per permission type. For example:

Administrators might have tracking enabled for all actions.
Other permissions types might only have changes tracked, or no tracking at all.

As a result, audit logging in Servoy is both selective and permission-based — it only logs activity when the developer has chosen to track it, and only for the specified permission types.

Using Audit Log Data

The audit log data is stored in a table called log, which is a standard database table. Developers can build forms or scripts to interact with this data, making it accessible for reporting or troubleshooting.

Below are the columns in the log table and their descriptions:

Column

Description

event_time

The timestamp of the event (insert, update, delete, or select).

log_id

A unique, auto-incrementing identifier for the log record.

log_action

The action type: 1=delete, 2=insert, 3=update, 4=view.

server_name

The name of the database server where the action occurred.

table_name

The name of the affected table.

column_name

The name of the affected column (if applicable).

pk_data

The primary key data of the affected record.

old_data

The value of the data before the change (null for views).

new_data

The value of the data after the change or the viewed data.

user_uid

The unique identifier of the user who performed the action.

Tip: This table can be used to access and restore any changed record in the database.

Logging Client Statistics

Servoy also logs client connections and disconnections in a table called client_stats.

This table can be created by clicking the Create Client Statistics Table button in the log server editor.

By default, this feature is enabled and tracks the following information:

Column

Description

pk_id

A unique identifier for the log entry.

server_ip

The IP address of the Servoy Application Server.

server_name

The hostname of the server.

total_clients_running

The number of active clients at the time of the log entry.

client_id

A unique identifier for the client.

start_time

The timestamp when the client connected.

stop_time

The timestamp when the client disconnected.

extra_info

A column used to detect alterations to the logging data.

user_uid

The unique identifier of the logged-in user.

Managing Client Statistics Logging

Enable/Disable

This logging is enabled by default but can be disabled in the admin page under "Admin Settings":

PreviousRuntime Permissions NextOAuth

Last updated 19 days ago

Was this helpful?