Configure auditing

This topic provides instructions for configuring an auditing class. By default, the RMAudit event (which audits some IBM InfoSphere Enterprise Records actions) is enabled for both successful and failed action attempts for the Record Category, Record Folder, and Volume classes. You can modify these default settings (for example, you might choose to audit only successful attempts), and you can enable the RMAudit event to audit other classes (such as the Record class). In addition, you might choose to audit system events for some classes (see System Events for more information about these events and the classes they apply to).

NOTE  Before you configure auditing, you should review the information on performance and audit log database storage implications in Concepts: audit logging in the Help for Content Engine Administration. In addition, you should note that enabling the RMAudit event for the Record class can impact performance since the number of records being audited would typically be large.

To configure auditing

  1. Log on to Enterprise Manager as System Administrator.
  2. Expand the node of the object store for which you want to configure audit events.
  3. Navigate to the class you want to configure
  4. Right-click on the class and select Properties.
  5. Select the Audit Definitions tab.
  6. From the Event drop-down menu, select the event you want to set and then select either Success, Failure, or both to specify if you want to log successful or failed actions.

    NOTE  To audit Transfer and Destroy events, select RMAudit.

  7. Select Apply to subclasses if you want the event to also be configured for subclasses of this class.
  8. Click Add.
  9. Repeat Steps 5 and 6 for each event you want to configure for the class.
  10. Click Apply and then click OK to save the changes made.