Audit Features

Database auditing is the ability to continuously monitor, record, analyze and report on user-level database activity. SOLO Server can audit several key tables in the database, including Authors, Customers, Licenses, Products, and Product Options, and Users.

Customer record auditing has been available in SOLO Server for many years. Every time a customer record is modified, an audit record is created with the full contents of the customer record prior to the update. This audit data can be viewed at the bottom of the Customer Information screen. Clicking on an Audit ID will display the customer details at previous times prior to modifications being made.

Audit support for Authors, Licenses, Products, Product Option, and User records uses a new mechanism. With this mechanism, when certain changes are made to a field in one of the monitored tables, an audit record is inserted into a separate table that contains:

1. The ID of the record which was changed.
2. The logged-in user who made the change.
3. The timestamp of the change.
4. A list of fields changed (including the old and new values).

Note that the database trigger on the Licenses table can potentially cause performance issues in high traffic/load scenarios. For this reason, this feature is not enabled by default. We have also taken special care in the design of this trigger to only audit records under the following circumstances:

1. When a table is changed through the administration interface by a logged-in user.
2. When a single record is updated at a time. If an update statement is performed that affects multiple rows at the same time, the trigger will not run.

License Auditing Availability

For customers using SOLO Server Shared URL, auditing is not enabled on Licenses. Customers using SOLO Server Dedicated URL who wish to enable auditing on Licenses can contact us and request to enable it. For customers using SOLO Server Self-Hosted, auditing on Licenses must be enabled by following the instructions below.

Accessing the Auditing Data In the Authors Interface

Auditing data is accessible to users based on the following permissions:

• Authors: Master User
• Customers: No permissions required.
• Licenses: No permissions required.
• Products: View Products
• Product Options: View Products
• Users: Manage Users

The audit data can be viewed through the SOLO Server authors interface as follows:

• Authors: From the menu, select Admin / Audit History.
• Customers: Audit data is listed in the Audit Data section at the bottom of the customer details page.
• Licenses: On the license details page, use the Licenses dropdown and choose View Audit History.
• Products: On the product details page, use the Actions dropdown and choose View Audit History.
• Product Options: On the product option details page, use the Actions dropdown and choose View Audit History.
• Users: On the user configuration page, click the View Audit History button in the page heading.

Audit data can also be exported in xml format as follows:

• From the menu, click Reports, and then select the audit type to export from the Audit Exports section.
• On the license details page,use the Licenses dropdown and choose Export Audit History to export data for a specific License ID.

Installing/Enabling License Auditing

As noted above, auditing on the Licenses table is not enabled by default due to the potential performance impact in high traffic/load scenarios. Follow these steps to enable license auditing:

• Install the auditing trigger in the database:
  • On the database server, open SQL Server Management Studio (SSMS) and connect to the SOLO database.
  • Open and run the trigger installation script in SSMS. The script is located at SOLO\Database\Triggers\Auditing\dbo.SOLO_TRIG_LicensesUpdate.sql relative to the install location (generally C:\SWKey).
• Update the EnableLicenseAudits web.config entry to True.