Audit logging is a security component of the MultiValue databases. MultiValue databases are composed of data objects and system programs, which are resources to the audit logging subsystem. When the database accesses a resource, it triggers an audit event and an audit log record might be generated, depending on how the system is configured. Audit logging is designed to be:
Comprehensive: All types of resources and operations are covered. The system classifies events and resources and creates an audit trail based on upon the classification.
Flexible: This subsystem can be easily configured to capture specific events without stopping and restarting the database. It can also write audit records to an operating system sequential file, the operating system syslog file (for UNIX and Linux), a MultiValue hashed file, or a group of log files.
Secure: Audit files are protected against unauthorized access and modification. The configuration file is encrypted and can be protected by a password. Audit log file contents can also be encrypted. Audit logging also helps to satisfy compliance requirements from regulations and standards set by government agencies and industry organizations, such as:
Health Insurance Portability and Accountability Act (HIPAA)
Health Information Technology for Electronic and Clinical Health Act (HITECH)
Payment Card Industry - Data Security Standard (PCI-DSS) ▪ Sarbanes-Oxley Act (SOX)
Assist with planning Audit Logging implementation planning
Determining extent of system transactions Auditing
Setup Audit Logging on the MultiValue Database
Learn how to view logs
Determining the method of Audit logging to be deployed
Audit logging documentation review
Comprehensive Transfer Of Knowledge (TOK)