|
Siebel Security Guide > About Security for Siebel Business Applications > Siebel Security Architecture >
Support for Auditing in a Siebel Environment
Siebel Business Applications support various degrees of auditing:
- At the simplest level, each data record has created and last updated fields (when and by whom). With additional configuration, you can generate an activity for additional levels of auditing. This is best used when there are limited needs for auditing, for example, just a few areas to track.
- Siebel Business Applications can maintain an audit trail of information that tells when business component fields have been changed, who made the change, and what has been changed. It is also possible to maintain an audit trail of when the business component fields have been viewed or exported and who viewed or exported fields. Siebel Audit Trail is a configurable feature that allows users to choose business components and fields to audit, and to determine the scope of the audit.
Siebel customers can choose to audit all activity, or to limit the scope of auditing to those operations performed by certain responsibilities, positions, or employees. Siebel Business Applications also allow customers to audit specific data fields or objects.
- Using Siebel Workflow, you can configure workflow processes to save information on changes to specific business components.
- You can attach scripts to the business component Write_Record event and save information about the transaction.
- Siebel customers can use database auditing that is included with all supported databases. All vendors support high levels of audits: B3 or C2 Orange book levels. (Database auditing requires a security person to review the audit information.)
If you implement a shared database account with LDAP, ADSI, or Web Single Sign-On authentication mechanisms, then database auditing cannot provide detailed information about an individual user's database access. For additional information, see Configuring the Shared Database Account.
|
