Versions Compared

Version Old Version 1 New Version 2
Changes made by

Yellowfin Admin

Yellowfin Admin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Wiki Markup
{anchor:top}
{toc: class=contents}

h2. Overview 概要
{styleclass: Class=topLink}[topページトップ|#top]
{styleclass}
YellowfinYellowfinは、どのユーザーがデータベースのデータにアクセスしているかを追跡するために完全な監査機構を持っています。レポートが実行されるたびに、そのレポートの定義とタイムスタンプが記録されます。
has
a利用実態の統計をとり特定のデータソースとビューに対するアクセスを追跡するために管理者権限で、Yellowfinデータベースにレポートを実行させることができます。
complete
audith3. facilityユニークなユーザーアカウントの設定
for
trackingセキュリティの確保と監査のためには、各々のユーザーがシステムにログオンするためにユニークなアカウントを持つことが必要不可欠です。ユーザーに共有アカウントの使用を許可してしまうと、管理者としてセキュリティを管理し、利用状況を監査することが難しくなるでしょう。
which
usersh3. are監査記録に保持されるデータ
accessing
dataレポートが実行されるたび、その以下のデータが詳細として記録されます。
from|| your項目 data|| sources.説明 Each||
time| a閲覧者のユーザーID report| isどのユーザーがレポートにアクセスしたか run|
a| uniqueレポートID instance| of閲覧されたレポートのID that|
report| definitionSQLステートメント\* and| timestamp生成されデータベースに送られたSQL is|
saved.| タイムスタンプ | Asレポートが実行された日時 an|
administrator| youアクセス時間 will| beクエリーに要した時間 able|
to| run返された行数(件数) reports| against何行(件)のデータが返されたか the|
Yellowfin| databaseアクセスされたソースシステム\* to| determineどのソースシステムがアクセスされたか your|
usage| statisticsアクセスされたビュー and* track| accessクエリーの一部としてどのビューがアクセスされたか to|
specific\*引き出された項目が記録されます
data
sources管理ビューにアクセスして利用状況の統計をレポートすることにより、管理者はアプリケーションと共有データへのすべてのユーザーアクセスを追跡し、監査することが可能です。
and
viewsh2. 
h3. Should we maintain unique user logins?
For security and audit purposes it is vital that each user be given unique access logons to the system.  If users use shared accounts your ability as an administrator to manage security and audit reporting use will be compromised. 
 
h3. What data is stored in the report audit?
Each time a report is run a record is created that stores the details of that report.
||Item||Description||
|Reader's User ID|Which user accessed the report|
|Report ID|Unique instance of a report definition|
|SQL Statement*|The SQL that was generated and passed to the database|
|Time Stamp|When the report was run|
|Duration|How long did the query take|
|Number of Rows Returned|How many rows were returned|
|Source System Accessed *|Which source system was accessed|
|View Accessed *|Which view was accessed as part of the query|
*Derived fields 

By accessing the administration view and reporting your usage statistics you will be able to track and audit all users' access to the application and your Public data.
 
h2. Audit Event List
{styleclass: Class=topLink}[top|#top]{styleclass}
In addition to the report instance tracking Yellowfin also maintains an event table which logs all major report related events.  This table can be used for audit tracking for user activity.

The following is a list of all event types and their descriptions as logged to the Yellowfin event table.


||EventTypeCode||EventCode||Description||SessionId||IpSource||UnitId||ReferenceId||Data||
|EXPORT|EXPORTCATEGORY|Export category|Yes|IpPerson|1|ContentManagementId|監査イベントの一覧
{styleclass: Class=topLink}[ページトップ|#top]
{styleclass}
Yellowfinでは、レポートインスタンスの追跡以外にも、主なレポート関連のイベントをすべて記録したイベントテーブルを管理しています。イベントテーブルは、ユーザーの操作を監査追跡するために使います。

以下の表は、Yellowfinのイベントテーブルに記録されるすべてのイベントタイプとその説明です。


|| EventTypeCode || EventCode || Description || SessionId || IpSource || UnitId || ReferenceId || Data ||
| EXPORT | EXPORTCATEGORY | Export category | Yes | IpPerson | 1 | ContentManagementId | Category, SubCategory, LoginAccess, ShortDescription |
| EXPORT | EXPORTDASHBOARD | Export dashboard | Yes | IpPerson | 1 | Tab Id | GroupId (Tab Id), ShortDescription |
| EXPORT | EXPORTREPORT | Export report | Yes | IpPerson | 1 | ReportId | ReportId, ReportName |
| EXPORT | EXPORTSOURCE | Export data source | Yes | IpPerson | 1 | SourceId | SourceId, SourceName |
| EXPORT | EXPORTVIEW | Export view | Yes | IpPerson | 1 | ViewId | ViewId, ViewDescription |
| GROUP | CREATEGROUP | Group created | Yes | IpPerson | 1 | GroupId | Group |
| GROUP | DELETEGROUP | Delete Group | Yes | IpPerson | 1 | GroupId | Group |
| GROUP | UPDATEGROUP | Group updated | Yes | IpPerson | 1 | GroupId | Group |
| IMPORT | IMPORTCATEGORY | Import category | Yes | IpPerson | 1 | ContentManagementId | Category, SubCategory, LoginAccess, ShortDescription |
| IMPORT | IMPORTDASHBOARD | Import dashboard | Yes | | 1 | Tab Id | GroupId, ShortDescription |
| IMPORT | IMPORTREPORT | Import report | Yes | IpPerson | 1 | ReportId | ReportId, ReportName |
| IMPORT | IMPORTSOURCE | Import data source | Yes | IpPerson | 1 | SourceId | SourceId, SourceName |
| IMPORT | IMPORTUSERS | Import users | Yes | IpPerson | 1 | 99 | UserN (IpPerson) |
| IMPORT | IMPORTVIEW | Import view | Yes | IpPerson | 1 | ViewId | ViewId, ViewDescription |
| REGiSTRATION | CREATEUSER | Create user | Yes | IpPerson | 1 | New User's IpPerson | IpPerson, PersonName, UserId, RoleCode |
| REGISTRATION | DELETEUSER | User deleted | Yes | IpPerson | 1 | IpPerson of deleted user | User (user's name), email (user's userid), org |
| REGiSTRATION | EDITUSER | Edit user | Yes | IpPerson | 1 | User's IpPerson | IpPerson, PersonName, UserId, RoleCode |
| REPORT | AUTOREFRESH | Scheduled report refreshed | | | 1 | ReportId | report |
| REPORT | DASHACTIVATE | Dashboard activated | Yes | IpPerson | 1 | Tab Id | reportgroup |
| REPORT | DASHADD | Existing tab added to user's dashboard | Yes | IpPerson | 1 | Tab Id | reportgroup |
| REPORT | DASHADDREPORT | Report added to existing dashboard | Yes | IpPerson | 1 | Tab Id | reportgroup, report |
| REPORT | DASHBOARD | Dashboard tab is run | Yes | IpPerson | 1 | Tab Id | requestortype, requestorid, dashboardid, dashboardtype, dashboardstatus, dashboardname |
| REPORT | DASHCREATE | New dashboard created | Yes | IpPerson | 1 | Tab Id | reportgroup |
| REPORT | DASHDELETE | Tab deleted from user's dashboard | Yes | IpPerson | 1 | Tab Id | reportgroup |
| REPORT | DASHDELETEREPORT | Report deleted from a dashboard | Yes | IpPerson | 1 | Tab Id | reportgroup, report |
| REPORT | DASHEDIT | Dashboard edited | Yes | IpPerson | 1 | Tab Id | reportgroup, parentgroup (if parent group exists) |
| REPORT | DASHREMOVED | Corp Dashboard removed entirely | Yes | IpPerson | 1 | Tab Id | reportgroup |
| REPORT | DASHRUN | Report is run from dashboard | Yes | IpPerson | 1 | ReportInstanceId | requestortype, requestor, timetorun, numrows, report |
| REPORT | EMAIL | Report emailed to someone | Yes | IpPerson | 1 | ReportId | message, recipientN, subject |
| REPORT | EXPORT | Report saved as external format (pdf, xls etc) | Yes | IpPerson | 1 | ReportId | filename, exporttype, filesize |
| REPORT | FAVEADD | Report added to favourites list | Yes | IpPerson | 1 | ReportId | report |
| REPORT | FAVEDELETE | Report deleted from favourites list | Yes | IpPerson | 1 | ReportId | report |
| REPORT | RPTBROADCAST | Scheduled broadcast run | | | BroadcastId | ReportId | report, error |
| REPORT | RPTCOPY | Report copied | Yes | IpPerson | 1 | New ReportId | originalreport, newreport |
| REPORT | RPTCREATE | Report created | Yes | IpPerson | 1 | ReportId | report |
| REPORT | RPTDELETE | Report deleted | Yes | IpPerson | 1 | ReportId | report |
| REPORT | RPTEDIT | Report edited | Yes | IpPerson | 1 | ReportId | report |
| REPORT | RPTREFRESH | Refresh a manual-refresh report | Yes | IpPerson | 1 | ReportId | report |
| REPORT | RPTRUN | Report is run | Yes | IpPerson | 1 | ReportInstanceId | requestortype, requestor, timetorun, numrows, report |
| REPORT | RPTSEARCH | Report search performed | Yes | IpPerson | 1 | 99 | searchtext |
| REPORT | RPTSUBSCRIBE | User subscribed to a report | Yes | IpPerson | BroadcastId | ReportId | report |
| REPORT | XMLTOOBIG | VersionHistory flag is on, but xml exceeds max size | Yes | IpPerson | 1 | Reportid | ContentManagementId, MaxSize, XMLSize |
| REPORTADMIN | CATCREATE | Report category created | Yes | IpPerson | 1 | ContentManagementId | Category, SubCategory, LoginAccess, ShortDescription |
| REPORTADMIN | CATDELETE | Report category deleted | Yes | IpPerson | 1 | ContentManagementId | Category, SubCategory, LoginAccess, ShortDescription |
| REPORTADMIN | CATEDIT | Report category edited | Yes | IpPerson | 1 | ContentManagementId | Category, SubCategory, LoginAccess, ShortDescription |
| REPORTADMIN | COMPOSITEVIEWREFRESH | Scheduled composite view refresh | | | 1 | ViewId | view, error |
| REPORTADMIN | DELETESCHEDULE | Scheduled task deleted | Yes | IpPerson | 1 | 99 | ScheduleSubjectCode, ScheduleUnitCode, ScheduleUnitId |
| REPORTADMIN | DISTRIBUTEDASH | Dashboard tab distributed to another user | Yes | IpPerson | 1 | Tab Id | fullname (person sending the tab), userId (userid of person sending the tab), tabId, recipient (ipPerson) |
| REPORTADMIN | DISTRIBUTEREPORT | Report distributed to another user | Yes | IpPerson | 1 | ReportId | fullname (person sending the report), userId (userid of person sending the report), reportId, recipient (ipPerson) |
| REPORTADMIN | KILLSESSION | Session killed | Yes | IpPerson | 1 | 99 | KilledSessionId, UserName, UserId |
| REPORTADMIN | LICENCELOADED | New Licence file loaded | Yes | IpPerson | 1 | DocumentId | DocumentId |
| REPORTADMIN | SOURCECREATE | Data source created | Yes | IpPerson | 1 | SourceId | name, access, url, username |
| REPORTADMIN | SOURCEDELETE | Data source deleted | Yes | IpPerson | 1 | SourceId | name, access, url, username |
| REPORTADMIN | SOURCEEDIT | Data source edited | Yes | IpPerson | 1 | SourceId | name, access, url, username |
| REPORTADMIN | SOURCEFILTERREFRESH | Scheduled source filter refresh | | | 1 | ReportTaskId | source, filter, error |
| REPORTADMIN | UPDATECONFIG | Configuration updated | Yes | IpPerson | 1 | 99 | |	
| REPORTADMIN | VIEWACTIVATE | View activated | Yes | IpPerson | 1 | ViewId | name, access, status |
| REPORTADMIN | VIEWCREATE | View created | Yes | IpPerson | 1 | ViewId | name, access, status |
| REPORTADMIN | VIEWDEACTIVATE | View deactivated (changed from active to draft mode) | Yes | IpPerson | 1 | ViewId | name, access, status |
| REPORTADMIN | VIEWDELETE | View deleted | Yes | IpPerson | 1 | ViewId | name, access, status |
| REPORTADMIN | VIEWEDIT | View edited | Yes | IpPerson | 1 | ViewId | name, access, status |
| ROLEADMIN | CREATEROLE | Role created | Yes | IpPerson | 1 | 99 | Role |
| ROLEADMIN | DELETEROLE | Role deleted | Yes | IpPerson | 1 | 99 | Role |
| ROLEADMIN | UPDATEROLE | Role updated | Yes | IpPerson | 1 | 99 | Role |
| SYSTEM | SHUTDOWN | System shutdown | | | 1 | 99 | ShutdownTime |
| SYSTEM | STARTUP | System startup | | | 1 | 99 | StartupTime |
| SYSTEMTASK | ADHOC | Used for various background system tasks (adhoc task started) | | | 1 | 99 | TaskName, StartTime |
| SYSTEMTASK | COMPLETE | Used for various background system tasks (task completed) | | | 1 | 99 | TaskName, CompleteTime |
| SYSTEMTASK | SCHEDULED | Used for various background system tasks (scheduled task started) | | | 1 | 99 | TaskName, StartTime |
| USERACCESS | DASHBOARD | Dashboard record cleanup | Yes | IpPerson | 1 | 99 | message, dashboardid |
| USERACCESS | LOGIN | User logs in | Yes | IpPerson | 1 | 99 | email (userid), browser, AccessType, ClientOrg?, ClientRefId?, webservices? |
| USERACCESS | LOGOUT | User logs out | Yes | IpPerson | 1 | 99 | PersonName, PersonId, OrgName, OrgId, Userid |
| USERACCESS | PASSWORDINVALID | User enters invalid password during logon attempt | | IpPerson | 1 | 99 | attempt, userid |
| USERACCESS | SESSIONTIMEOUT | User's session times out | Yes | IpPerson | 1 | 99 | userid, AccessType, Timeout |
| USERACCESS | USERLOCKOUT | User enters invalid password 3 times and is locked out | | IpPerson | 1 | 99 | attempt, userid |
\\
\\
{horizontalrule}
{styleclass: Class=topLink}[topページトップ|#top]
{styleclass}