Audit compliance has become an increasingly important part of most businesses. Failure to meet compliance requirements can result in heavy fines, or even suspension of operations. Fraudulent activity can result in significant costs if left unchecked. It is imperative that you know what data is being changed, when, how, and by whom. Fortunately, Shadowbase software includes functionality to address these important requirements:
Available for the HPE NonStop Server platform as a source (Enscribe, NonStop SQL/MP, NonStop SQL/MX), HPE Shadowbase Audit Log (SAL) software creates a searchable archival database of transactional activity (e.g., inserts, updates, and deletes) on a reporting database for application change data auditing purposes. The reporting database is created on an off-platform target database (Oracle or SQL Server).
When configured, SAL software will replicate the HPE NonStop TMF audit trail database change activity to the target reporting database, storing the change information as a series of rows, one per each of the insert, update, and delete statements that were originally issued against the source database. This report allows you to search and review, historically, what data was changed, and when, in the source database.
Solution Brief: Shadowbase Audit Compliance Reporting and Analysis
HPE Shadowbase Audit Reader (SAR) software analyzes and displays all audited database activities on HPE NonStop server systems. It shows what application transactions did, and when they did it, to database files and tables, enabling investigation of how data is being changed. Both current and historical transactional information can be analyzed using a variety of search criteria. All of these features are available using a simple, easy to learn, command line interface.
SAR is a useful utility for accurately analyzing the database change results of an application. When used during the development of code, for example, one can learn the exact order or sequence in which the application applies changes to a database. These I/O executions can be analyzed to make sure the code is performing results based upon the correct implementation of the intended design algorithm or business rule.
Another use for SAR is to analyze the TMF audit trail contents to determine where application problems may have occurred and assist in the remediation of the database when these problems are discovered. It is particularly useful for vendor-supplied software (i.e., for cases where you do not have access to the source code) so that you can see exactly how the application is changing the database for each transaction it performs.
Using the command interpreter interface to SAR, one can write a simple query against the audit trail for the timeframe and the Enscribe file or SQL table in question. SAR allows one to query the audit trail by timestamp, transaction id, or type of statement (insert, update, delete, transactional boundary-begin commit, etc., for local and network events). It permits the assignment of Data Definition Language (DDL) for Enscribe I/O events, uses the SQL table schema for SQL events, and provides the ability to display the output data in a variety of views and formats showing both the before and after images of the change which was performed by the application. SAR optionally also reads “foreign” audit (audit generated on another HPE NonStop server system). SAR software supports both Enscribe and NonStop SQL I/O events.
SAR is a powerful utility for displaying the transactional activity that has changed your database. It is particularly useful for understanding how and when the database changes occur, and for analyzing the before and after values of every insert, update, and delete that was applied against your data.