An audit is typically a chronological set of records that provides a conclusive set of evidence on how a system reached its current state. The audit often includes information on the kind of data that was extracted from a system during the auditing period.
Collecting audit information is particularly important in systems that contain financial or sensitive information and risk being misused or being the target of fraud.
For database systems, auditing access to a database can be set up on multiple levels. solidDB includes audit features that collect details about changes to user and login information, data model changes, SQL operations that modify and access the data, and certain operational events.
solidDB includes features that offer the following capabilities:
▪ Auditing user and schema changes only: By using the Sql.AuditTrailEnabled parameter in the solid.ini file, you can collect information about changes to user definitions and the database model. The information is stored in a system table for auditing purposes. As changes to the data model or user definitions are relatively rare events, the table is likely to be small or moderate in size.
▪ Auditing all database operations: By using the Srv.AuditInfoLogEnabled parameter in the solid.ini file, you can create files (external to the database) that contain information about user and schema changes, SQL that is executed at the server, and certain operational events. In systems with high workload, these files can be very large. A method for processing and archiving these files should also be considered.