You can view entries in the audit log using IBM® Administration
Console for Content Platform Engine. You can also view audit
entries for an entity using the history view of the IBM Enterprise
Records application.
About this task
Using IBM Administration
Console for Content Platform Engine
In addition to performing this procedure, you can retrieve,
view, and operate on audit log entries using the auditing-related
Saved Searches included in IBM Administration
Console for Content Platform Engine.
Procedure
To view the audit log entries:
- Log on to IBM Administration
Console for Content Platform Engine as System Administrator.
- Expand the node for the object store that contains the
audit log you want to view.
- Right-click the Search Results node
and select New Search from the menu to open
the Query Builder.
- Select either the RMAudit object,
the Event object, or a specific event type
object, such as FileEvent, from the Select from Table menu list box. The query builder shows
all columns defined in the selected table in the Select
Columns window.
- By default, all the properties listed in the Select Columns
menu display in the search results. You can optionally select only
those properties you want to include in the search results.
- Click OK to start the search for
audit log entries.
Results
After the Query Builder runs the search query, the details
pane shows the objects that match the criteria you specified. The
details pane shows the columns of properties from the selected object
table. Double-click the results to view the audit log.
To view
entries for a specific entity type, open the Properties page for the
class of the entity. Click the Properties tab.
Select the property value (the GUID) for the Primary ID property.
Then right-click and Copy the value. In Step 5 earlier, specify the
search criteria as follows: SourceClassId as the Column, Equal To
as the Condition, and the GUID you copied as the Value. In a similar
fashion, you can view entries for a specific entity by browsing to
that entity in IBM Administration
Console for Content Platform Engine, then copying its ID property. Alternatively, open the Properties
page of the entity and click the Audit History tab.
Using the IBM Enterprise
Records History View
Only a Records Administrator can view audit log
entries using the History view.
To use the History view:
- From the IBM Enterprise
Records application,
browse the file plan to access the entity whose audit history you
want to see.
- To show the Information page of the entity, click the Get Info
icon.
- Click the History link.
- Select the check boxes for the types of events you want to see
for the selected entity.
- Specify the criteria:
- Click the calendar icons to enter the period for which you want
to show events.
- Select either AND or OR as the conditional operator. If you select AND, then you see only
those events that match the criteria specified in both the Event Date and Initiated By fields.
If you select OR, then you see the events that match the criteria
specified in either the Event Date or Initiated By fields.
- Click Select User to specify the user who
initiated the events.
- Select either AND or OR for the results of the previous two conditions and Event
Status.
- Select either Success or Failure from the Event Status list box to show either
successful or failed events.
- Specify a number in the Max Results text box. This result is the
maximum number of events that you want to show in a page.
Attention: If you specify zero (0) as the maximum results value,
then you see all the events available in the audit history for the
entity.
- Click Search to search and display events
based on the specified criteria, or click Clear to clear the search criteria that you specified on this page.
- Click Exit to close the page.