Setting Up Sign-On Audit (User, System Administrator, and Flexfields Help)


	Previous	Next		Contents	Index	Navigation	Glossary	Library

Setting Up Sign-On Audit

You use the Sign-On:Audit Level user profile option to control who Sign-On Audit tracks and the level at which they are audited.

Use the Monitor Users form to view online what your users are doing.

Use the Submit Reports form to submit Sign-On Audit Reports that give you detailed audit information.

Enabling Sign-On Audit

Use the System Profile Values form to enable Sign-On Audit. Choose the scope of your audit and who to audit by setting the user profile level at the user, responsibility, application, or site profile levels.

Users cannot see nor change this profile option.

After you set or change audit levels, the new audit levels for a user take effect the next time the user signs onto Oracle Applications from the operating system.

Selecting Audit Levels

The Sign-On:Audit Level profile option allows you to select a level at which to audit users who sign on to Oracle Applications. Four audit levels increase in functionality: None, User, Responsibility, and Form.

None is the default value, and means do not audit any users who sign on to Oracle Applications.

Auditing at the User level tracks:

who signs on to your system

the times users log on and off

the terminals in use

Auditing at the Responsibility level performs the User level audit functions and tracks:

the responsibilities users choose

how much time users spend using each responsibility

Auditing at the Form level performs the Responsibility level audit functions and tracks:

the forms users choose

how long users spend using each form

Factoring in System Overhead

In planning your organization's Sign-On Audit implementation, you should consider the additional system overhead required to precisely monitor and audit your users as they access Oracle Applications. The more users you audit and the higher the level of auditing, the greater the likelihood of incurring additional system overhead.

Example - Audit Users, Responsibilities, & Forms

One example implementation of Sign-On Audit is to audit all of your users' sign-ons, the responsibilities they select, and the forms they access.

To set up this implementation, set "Sign-On:Audit Level" to:

Form audit

At the Site profile level

Example - Audit a specific responsibility, excepting one user

Another example of using Sign-On Audit is for an organization to audit all users of the Personnel Manager responsibility, except for MJONES.

In this example, you do not care to audit the forms the users access or the responsibilities they select.

To set up this implementation, set "Sign-On:Audit Level" to:

User audit

At the responsibility profile level for the Personnel Manager responsibility

You also set "Sign-On:Audit Level" to:

None

At the user profile level for the application user MJONES

Using the Application Monitor

Use the Monitor Users form to monitor who is using Oracle Applications and what they are doing. You can monitor your users at any time.

The Application Monitor lets you see what users are signed on, what responsibilities, forms, and terminals they are using, how long they have been working on forms, and what ORACLE processes they are using.

Attention: You can only monitor those users that are being audited by Sign-On Audit. The Application Monitor also reflects the level of auditing you define for your users.

About This Record Window

You can display Sign-On Audit data by choosing from the Help menu, About This Record...

Sign-On Audit can automatically tie in "About This Record" information for records that are inserted or updated by audited users. This additional information appears in the "About This Record" window when you set the Who:Display Type profile option to Extended.

Extended information shows the Oracle Applications session number, the operating system login name, and the terminal that a user you are tracking with Sign-On Audit used to insert or update a row.

As System Administrator, you can use the System Profile Values form to set "Who:Display Type" to let any user, responsibility, application, or site view Extended "About This Record" information.

Who: Display Type Profile Option

The Who: Display Type profile option allows you to choose between two different displays in the About This Record window:

"Normal" displays the:

name of the user who created the row

date the user created the row

name of the table containing the row

name of the user who last updated the row

"Extended" displays Normal information, plus:

the user's operating system logon

the user's terminal identification

Users cannot see nor change this profile option.

This profile option is visible and updatable at all four levels.

Notifying of Unsuccessful Logins

Sign-On Audit can track user logins and provide users with a warning message if anyone has made an unsuccessful attempt to sign on with their application username since their last sign-on. This warning message appears after a user signs on.

You or your users can activate this feature using the Personal Profile Values form by setting the "Sign-On:Notification" user profile option to Yes.

You do not have to audit the user with Sign-On Audit to use this notification feature.