1. Set Sign-On Audit Level
The valid settings for the profile option SIGNONAUDIT:LEVEL are
None, User, Responsibility and
Form. At site level, set this profile option to Form to enable as much auditing as possible. At this setting, the
system logs all user sign-ons, responsibility selections and form accesses to APPLSYS.FND_LOGINS, APPLSYS.
FND_LOGIN_RESPONSIBILITIES and APPLSYS.FND_LOGIN_RESP_FORMS, respectively.
Form. At site level, set this profile option to Form to enable as much auditing as possible. At this setting, the
system logs all user sign-ons, responsibility selections and form accesses to APPLSYS.FND_LOGINS, APPLSYS.
FND_LOGIN_RESPONSIBILITIES and APPLSYS.FND_LOGIN_RESP_FORMS, respectively.
|
Profile Option Name
|
Description
|
Recommend
|
|
Sign-On:Audit Level
|
Set at site-level to track actions starting when the user logs
on
|
Form
|
2. Monitor System Activity With OAM
Oracle Application Manager (OAM) provides screens for monitoring
current and past system activity. In addition,
OAM provides a framework extensible for running custom OAM reports. Monitoring features include current
and historic user activity down to the page access level and current and historical Concurrent Manager
activity. See OAM documentation for complete product information.
Regarding Page Access Tracking, it tracks Oracle Applications usage statistics non-intrusively and with negligible
performance impact. It tracks Web-based and Form-based accesses across technology stacks and correlates
them for each user session. See MOS Note 402116.1 for more detailed information about Page Access Tracking
OAM provides a framework extensible for running custom OAM reports. Monitoring features include current
and historic user activity down to the page access level and current and historical Concurrent Manager
activity. See OAM documentation for complete product information.
Regarding Page Access Tracking, it tracks Oracle Applications usage statistics non-intrusively and with negligible
performance impact. It tracks Web-based and Form-based accesses across technology stacks and correlates
them for each user session. See MOS Note 402116.1 for more detailed information about Page Access Tracking
3. Retrieve Audit Records Using
Reports
Oracle E-Business Suite ships standard reports to access signon,
unsuccessful signon, responsibility usage, form
usage and concurrent request usage. Access these reports through the system administrator responsibility.
Signon Audit Concurrent Requests
Signon Audit Forms
Signon Audit Responsibilities
Signon Audit Unsuccessful Logins
Signon Audit Users
usage and concurrent request usage. Access these reports through the system administrator responsibility.
Signon Audit Concurrent Requests
Signon Audit Forms
Signon Audit Responsibilities
Signon Audit Unsuccessful Logins
Signon Audit Users
4. Retrieve Audit Records Using SQL
The system stores end-user access data in the following tables.
Develop SQL scripts to query these tables to
generate reports.
APPLSYS.FND_LOGINS
APPLSYS.FND_LOGIN_RESPONSIBILITIES
APPLSYS.FND_LOGIN_RESP_FORMS
APPLSYS.FND_UNSUCCESSFUL_LOGINS
FND_CONCURRENT_REQUESTS
ICX.ICX_FAILURES
generate reports.
APPLSYS.FND_LOGINS
APPLSYS.FND_LOGIN_RESPONSIBILITIES
APPLSYS.FND_LOGIN_RESP_FORMS
APPLSYS.FND_UNSUCCESSFUL_LOGINS
FND_CONCURRENT_REQUESTS
ICX.ICX_FAILURES
5. Purge Audit Records
Purge end-user access data using the Purge Signon Audit Data
concurrent program. The current program purges
all audit records older than a user supplied date. Run this concurrent program between once a week and once a
month, retaining 30 to 90 days of records. This concurrent program purges the following tables:
FND_LOGIN_RESP_FORMS
FND_LOGIN_RESPONSIBILITIES
FND_LOGINS
FND_UNSUCCESSFUL_LOGINS
all audit records older than a user supplied date. Run this concurrent program between once a week and once a
month, retaining 30 to 90 days of records. This concurrent program purges the following tables:
FND_LOGIN_RESP_FORMS
FND_LOGIN_RESPONSIBILITIES
FND_LOGINS
FND_UNSUCCESSFUL_LOGINS
Purge concurrent request data using the Purge Concurrent Request and/or Manager Data concurrent program.
Run this concurrent program at least once a week and retain 14 to 90 days of records.
Periodically archive and truncate the FND_LOGIN% tables
6. Review Data Tracked (No Reports
Available)
Some data tracked by the system do not have associated reports.
Nevertheless, these audit records contain valuable
information.
Who Columns
For most E-Business Suite tables, database rows are updated with the creation and last update information. The
system stores this information in the following columns (known as “Who Columns”):
information.
Who Columns
For most E-Business Suite tables, database rows are updated with the creation and last update information. The
system stores this information in the following columns (known as “Who Columns”):
|
Who Column Name
|
Description
|
|
CREATE_DATE
|
Date and Time row was created
|
|
CREATE_BY
|
Oracle Applications user ID from FND_USER
|
|
LAST_UPDATE_LOGIN
|
Login ID from FND_LOGINS
|
|
LAST_UPDATE_DATE
|
Date and Time row as last updated
|
|
LAST_UPDATE_BY
|
Oracle Applications user ID from FND_USERS
|
Join with FND_USERS and FND_LOGINS tables to identify the
application user tracked in the audit record.
Note, only the last update to record is saved. To save the entire history of a row, enable Oracle E-Business Suite
Audit Trail.
Note, only the last update to record is saved. To save the entire history of a row, enable Oracle E-Business Suite
Audit Trail.
The system automatically stores unsuccessful logon attempts in the
APPLSYS.FND_UNSUCCESSFUL_LOGINS
and ICX.ICX_FAILURES tables. The ICX_FAILURES table holds more information than the
FND_UNSUCCESSFUL_LOGINS. Both the FND_UNSUCCESSFUL_LOGINS and ICX_FAILURES tables contain
unsuccessful logins via the Personal Home Page (Self Service/Web Interface). Failed Forms logins are logged
only to the FND_UNSUCCESSFUL_LOGINS table. This functionality cannot be disabled.
and ICX.ICX_FAILURES tables. The ICX_FAILURES table holds more information than the
FND_UNSUCCESSFUL_LOGINS. Both the FND_UNSUCCESSFUL_LOGINS and ICX_FAILURES tables contain
unsuccessful logins via the Personal Home Page (Self Service/Web Interface). Failed Forms logins are logged
only to the FND_UNSUCCESSFUL_LOGINS table. This functionality cannot be disabled.
No comments:
Post a Comment