solidDB does not include a specific tool for analyzing the files that are created by the AuditInfo feature. For most trivial cases, searching the files for specific strings might be sufficient. For anything more complicated, writing scripts or using third party tools to analyze the output is required.
Consider the following guidelines when analyzing the audit files:
▪ For most auditing cases, you must first validate the completeness of the record. The solidDB audit log field msg_id provides a continuous ascending sequence of audit record numbers. If numbers are missing from the sequence then either files are missing or the contents of some files have changed. For more information about the content of audit records, see AuditInfo log records.
▪ If HotStandby (HSB) is used and you have an audit file that contains records from both HSB servers, the set of audit records from each server has its own msg_id sequence. To list the audit records in the correct sequence, you should sort the file based on the time field in each audit record. For more information, see Using AuditInfo Log feature with solidDB HotStandby.
▪ Make sure that you understand the information that is (and is not) collected by the audit process, see Audited operations.
▪ To validate that write operations completed, look for TRXCOMM and TRXROLL records. The audit records contain information about all transactions, including the transactions that were rolled back. If a transaction is rolled back, a rollback record is included in the audit file.