2 Menus and Screens
This chapter contains these topics:
2.1 Overview
This section describes the menus and screens that comprise the Database Audit Manager (DBAM). The menu for the Database Audit Manager is G946, shown below. From the menu you can select a file and the fields you want tracked. You can also add a new audit process, build an audit, activate and deactivate audit triggers, maintain reason codes and set the default library names used throughout the system.
Figure 2-1 Database Audit Manager Menu screen
Description of "Figure 2-1 Database Audit Manager Menu screen"
The selections on the Database Audit Manager menu are described briefly below.
| Menu Selection | Description |
|---|---|
| Audit Manager Workbench | Displays the primary application screen, Audit Management Workbench. It allows you to add new audit process, build audit, turn audit triggers on or off, and delete the audit configuration for a file. |
| Reason Code Maintenance | Opens the Reason Code Maintenance screen that displays reasons to be associated with events. On this screen, you can add, change, and display inactive reasons. |
| Audit Configuration Defaults | This screen contains the default library names that will be used throughout the system. Audit defaults must be set up in an environment where the audit process will be active. |
| Deactivate All Configurations
Activate All Configurations |
These two menu selections are bulk operations will turn on or off all current Database Audit Manager configured audits. These utilities are provided specifically to facilitate the operations which are needed before applying software upgrades (Releases, Cumes, or PcCpys) and resuming audit functions after upgrades.
These bulk trigger activation and deactivation processes should be used only by personnel knowledgeable about JD Edwards World software applications, and with the proper system authorities to add or remove database triggers from production files. Manipulating these configurations requires exclusive object allocation of the database file. Therefore, these operations may need to be performed when no users are accessing the software. |
| Associated Text Search | Use this screen to access the associated text attached to a specific audit action. Associated text can be changed but never deleted. |
2.2 Audit Configuration Defaults (P98201)
Audit Configuration Defaults allows you to add, view, or change the default values used when you add a new file. Select Audit Configuration Defaults (P98201) directly from the menu or press F8 on the Audit Manager Workbench (P98200).
Figure 2-2 Audit Configuration Details screen
Description of "Figure 2-2 Audit Configuration Details screen"
The Audit Configuration Defaults (P98201) screen has the following fields:
| Field | Explanation |
|---|---|
| Library Locations: | |
| Database Files | The library that is used to generate the initial database selection list when a new configuration is being created. This should be your production database library. |
| Audit Log Files | The library into which the Audit Manager will create the audit log files. This library does not need to be in user library lists. The generated auditing trigger programs are able to access the log files without the library appearing in users library lists. |
| Trigger Programs | The library into which the Audit Manager will create the auditing trigger programs. This library does not need to be in user library lists. The generated auditing trigger programs are able to access the log files without the library appearing in users library lists. |
| Output Trigger Source: | Specify the library and source file location into which the Audit Manager is to place the generated source code for the auditing trigger program. This source file location does not need to be the standard JD Edwards source file (JDESRC) where production source code resides. This library does not need to be in user library lists to generate audit configurations. Object generation is qualified to this location. The only requirement is that this be a standard IBM source file. |
| Library | Defines the source code library. |
| Source File | Defines the source physical file that is in the output trigger source library. This can be any client designated library name. |
| Trigger Source Template: | Specify the library, source file, and member name of the audit trigger template program that the Audit Manager uses to generate the necessary audit objects.
Note: The JD Edwards supplied audit trigger template source code contains substitution markers that the build process uses to insert information specific to the defined audit configuration. Each configuration is specific to the database file being audited. It is advised that modifications to this template not be performed, or if required by your installation, they be performed by highly qualified engineers only. |
| Library | Defines the library that contains the source code that JD Edwards World delivers. This library name was determined at the time of install. |
| Source File | Defines the source physical file that is in the library. |
| Member | Defines the template program that is shipped from JD Edwards World to be used with the Database Audit Manager system. |
The Audit Configuration Defaults (P98201) screen has one function key exit.
| Function Key | Task |
|---|---|
| Exit Program (F3) | Returns the Audit Manager Workbench (P98200). |
2.3 Audit Manager Workbench (P98200)
Figure 2-3 Audit Manager Workbench screen
Description of "Figure 2-3 Audit Manager Workbench screen"
The Audit Manager Workbench (P98200) is the primary application screen of the Database Audit Manager. It lists files that have been selected for auditing and the stage of that audit process. The screen provides the following information on each file:
| Field | Explanation |
|---|---|
| File | Identifies the data file containing the fields tracked by the audit. |
| Library | Identifies the library that contains the data file. |
| Description | Describes the file containing the fields tracked by the audit process. |
| Status | Indicates if the audit is active (built and turned on), ready (built but not turned on), or incomplete (not built or setup is not complete). |
By entering an option number in the Option field for a displayed file, you can perform the following tasks:
| Option | Task |
|---|---|
| 1 | Executes the build process that creates or changes the audit file. Creates and compiles the trigger program that is used to audit the data file. |
| 2 | Accesses the setup files. |
| 4 | Places the triggers on the file. |
| 5 | Removes the triggers from the file. |
| 7 | Displays triggers for a file. |
| 9 | Deletes the audit program and setup records. It does not delete the audit file or the SVR record created for the audit file. |
In addition to the options, there are function key exits that allow the user to add new files for auditing and configure defaults used by the system. The following table describes the function key exits:
| Function Key | Task |
|---|---|
| Exit Program (F3) | Returns the Database Audit Manager (G946). |
| Create a New Audit Definition (F6) | Displays the File List screen, which allows you to select a new data file to audit. |
| Configuration Defaults (F8) | Display Audit Configuration Defaults screen, which allows you to change the environment default values. |
2.4 Change Audit Definition (P98200W)
The Change Audit Definition (P98200W) screen displays when you select a file with an option 2 on the Audit Manager Workbench.
Figure 2-4 Change Audit Definition Window
Description of "Figure 2-4 Change Audit Definition Window"
From the Change Audit Definition (P98200W) screen, select any or all of the following:
-
Audit Definition Parameters (P98202)
-
Field Selection List (P98203)
-
Add/Change Reason Codes (P98204)
The Change Audit Definition (P98200W) screen has one function key exit.
| Function Key | Task |
|---|---|
| Exit Program (F3) | Returns the Database Audit Workbench (P98200). |
2.5 File List (P98200X)
The File List (P98200X) screen displays when you press F6 from the Audit Manager Workbench (P98200) screen. It lists the files in a selected library.
Note:
The description comes from the object itself. No description on the object means none will show on the display. Files highlighted are not selectable as they are already files with audit configurations. (Depending on the number of files in the library, the response may take several seconds to display the list of files. The message Retrieve Database File List appears at the bottom of the screen.)The File List screen provides the following information for each file listed.
| Field | Explanation |
|---|---|
| File | The production data file. |
| Library | The library that contains the file. |
| Description | A description of the file. |
By entering an option number in the Option field for a displayed file, you can perform the following tasks:
| Option | Task |
|---|---|
| 1 | Selects a file for auditing. |
| 7 | Displays the triggers currently defined for the file. |
In addition to the options, there is one function key exit.
| Function Key | Task |
|---|---|
| Exit Program (F3) | Returns the Database Audit Workbench (P98200). |
2.6 Audit Definition Parameters (P98202)
The Audit Definition Parameters (P98202) screen displays if a file is selected from the File List (P98200X) screen or the Detail Parameters is selected from the Change Configuration (P98200W) screen. Specify the audit file and trigger program that will be used to audit actions made to the file.
The Audit Definition Parameters (P98202) screen pulls the default values for its fields from the Configuration Defaults (P98201) screen.
Figure 2-6 Audit Definition Parameters screen
Description of "Figure 2-6 Audit Definition Parameters screen"
The Audit File Details (P98202) screen has the following fields:
| Field | Explanation |
|---|---|
| Database File: | |
| File Name | The build process does not generate DDS, rather SQL DDL (data definition language - "Create Table") is used to create audit log files. After creation, SVR (F9801/F9802) records are created but there is no source code for an audit file. |
| Library | The library that contains the file to be audited. |
| Description | The description of the file to be audited. |
| Audit Log File: | Specify the name to give the audit log file and the library in which to create it. The library name defaults from the location specified in the Audit Configuration Defaults panel. The name of the audit log file must be unique and not already exist in the audit log library, and it must not currently exist in the Software Versions Repository. When the configuration is built and the audit log file is created, an entry will be added to the Software Versions Repository. |
| File Name | The audit file that records the audit. This file name needs to be a unique file name derived by the user. For example if you are planning to audit the F0101 file, you might name the audit file F0101A or F0101AUD. The Audit file name must follow the JD Edwards World standards and begin with an 'F'. The build process will create the data description specifications (DDS) and physical file. |
| Library | The library where the audit file will be created. |
| Trigger Program: | Specify the name to give the audit trigger program and the library in which to create it. The library name defaults from the location specified in the Audit Configuration Defaults panel. The name of the audit trigger program must be unique and not already exist in the audit log library, and it must not currently exist in the Software Versions Repository. When the configuration is built and the audit trigger program is created, an entry will be added to the Software Versions Repository. |
| Program Name | The program that triggers the audit. This needs to be a unique program name derived by the user. For example, if you are planning to audit the F0101 file you might name the trigger program P0101A or P0101AUD. The program name must follow JD Edwards World standards and begin with a "P'. The build process will create the source code and compile the program to the library. To avoid overlaying source code the system will require the name be unique across all libraries. |
| Library | The library that contains the trigger program object. |
| Electronic Signature: | |
| Require Signature | * – Blank - No electronic signature is required for any action on the audited database file. Triggers are attached to the audit file as *AFTER triggers, and the fields configured for the audit log file are recorded after the database processes the action on the audited database file.
1 – Transaction level signature required - An electronic signature will be expected on all transactions to the audited database file. Transaction authorization is defined and prompted for by the application program invoking the authorization server (P98208) to acquire and establish the electronic signature. Audit trigger programs are attached to the database file as *AFTER triggers. The electronic signature is recorded along with the fields configured in the audit log file. 2 – Record level signature required - An electronic signature is required for all transactions to the audited database file. Record level authorization is prompted for by the audit trigger program. Valid authorization must be provided for the database action to continue. Triggers are attached to the audit file as *BEFORE triggers and failing valid authorization, the database action is terminated and an I/O error is returned to the program initiating the database action. Application program must monitor and be able to handle the I/O error returned by the database trigger program. |
| Trigger Activation Mode | Indicates the type of processing to be used when executing the build, activate, or deactivate functions.
B – Batch - The functions such as the build, adding or removing triggers will be submitted to a JOBQ and run in batch mode. This may need to be used when files are open and locks could prevent triggers from being applied. I – Interactive - he functions such as the build, adding or removing triggers will execute immediately and run interactively. Note: Adding and removing triggers from database files can only be done when there are no locks on the file. That is, when nobody is using or accessing the database file. The batch option may be used along with hidden selection 82 (and Sleeper) to schedule the activation or deactivation of audit triggers configured for control files, or other files that would normally be open during the times when users are accessing the database files. |
The Audit File Details (P98202) screen has one function key exit.
| Function Key | Task |
|---|---|
| Exit Program (F3) | Returns the Database Audit Workbench (P98200). |
2.7 Field Selection List (P98203)
The Field Selection List (P98203) screen lists the data fields in a file. Data fields selected from this screen will be used to trigger the audit process and are recorded for informational reasons. Changes to informational only fields will not cause an audit file record to be written (the trigger programs always fire).
The File Field List (P98203) screen contains the following fields for each listed data field:
| Field | Explanation |
|---|---|
| Option | 2 – Specifies this field as a triggering field. Triggering fields appear in the audit log file record format and are the fields that determine when a change record is written to the audit log file.
1 – Include the field in the audit log file as an informational only field. That is, the field will appear in the audit log file record format. Note: When auditing mode is on a database file, a corresponding record is written to the audit log file every time a record is added to or deleted from the database file. For database file changes, corresponding records are written to the audit log file only when a designated triggering field changes in value. |
| Field | Provides the name of the data field. |
| Description | Provides a description of the data field. |
The File Field List (P98203) screen has one function key exit.
| Function Key | Task |
|---|---|
| F3 | Returns the Database Audit Workbench (P98200). |
2.8 Save Changes (P00CFMCHG)
The Save Changes (P00CFMCHG) screen displays upon updating and exiting the Field Selection List (P98203) screen. The following are the valid function keys for this screen:
| Function Key | Task |
|---|---|
| Exit Program (F3) | Exit without saving any changes. |
| Save/Exit (F6) | Exit and save your changes. |
| Cancel (F12) | Return to the File Selection List (P98203). |
2.9 Confirm Deletion (P00CFMDLT)
The Confirm Deletion (P00CFMDLT) screen allows you to confirm the intent to delete an audit configuration. Deleting removes the program and setup, but does not delete the audit file or the audit file SVR record. The audit file and SVR record must be deleted manually.
The Confirm Deletion (P00CFMDLT) screen has two function key exits.
| Function Key | Task |
|---|---|
| Exit Program (F3) | Cancel the deletion. |
| Delete (F6) | Perform the delete. |
2.10 Database File Triggers (P98211W)
The Database File Triggers (P98211W) screen displays when you select option 7 from the workbench (P98200). This screen automatically displays when adding a new file to the audit process if the file already contains triggers.
Prior to V5R1, the maximum triggers on a file was six; One for each event (action) Add/Change/Delete, and one for each time *BEFORE/*AFTER the file was updated. As of V5R1, the number of triggers has been increased to 300 per file.
Pre-existing triggers may be replaced with new audit triggers during the audit process if the IBM release is prior to V5R1.
Figure 2-10 Database File Triggers Window
Description of "Figure 2-10 Database File Triggers Window"
For each trigger, the Active DBF Triggers (P98211W) screen displays the following information:
| Field | Explanation |
|---|---|
| Trigger | The name of the trigger program. |
| Library | The library that contains the trigger program. |
| Time | A flag indicating when the program runs, before or after the target file is updated. |
| Event | The event that triggers the program. |
The Database File Triggers (P98211W) screen has one function key exit.
| Function Key | Task |
|---|---|
| Exit Program (F3) | Returns the Database Audit Workbench (P98200). |
2.11 Reason Code Maintenance (P98204)
The Reason Code Maintenance (P98204) screen allows you to set up and maintain reason codes. Reason codes indicate what action was made to a file and why. For example, set up an audit to track changes to employee records, and associate the reasons "New Hire", "Employee Relocation", and "Employee Terminated" with the addition, change, or deletion of employee records, respectively.
Reason codes are associated with serial numbers. If a reason code is associated with the audit program and an audit event has been triggered, the serial number is placed in the audit file to provide more information on the triggering event.
Figure 2-11 Reason Code Maintenance screen
Description of "Figure 2-11 Reason Code Maintenance screen"
The Reason Code Maintenance screen lists programs with reason codes defined. Each record listed has the following fields.
| Field | Explanation |
|---|---|
| Program | The name of the update program with which the reason codes are associated. |
| User | The name of the user that would be updating the data file. |
| Event | A – Add
C – Change D – Delete |
| Reason | Description - Information about the events being audited. |
By entering an option number in the Option field for a displayed file, you can perform the following tasks:
| Option | Task |
|---|---|
| 1 | Display inactive reason codes. |
| 2 | Edit or delete existing reason codes. |
In addition to the options, there is one function key exit:
| Function Key | Task |
|---|---|
| Exit Program (F3) | Returns the Reason Code Maintenance (P90204) |
2.12 Inactive Reason Codes (P98204I)
The Inactive Reason Codes (P98204I) screen lists reason codes that are no longer associated with an update program. Reason codes are codes that associate reasons with events recorded in the audit file.
Display Inactive Reason Codes (P98204I) screen by entering 1 in the option field of a program listed on the Reason Code Maintenance (P98204) screen.
The Inactive Reason Codes (P98204I) screen provides the following information for each inactive reason code listed.
| Field | Explanation |
|---|---|
| Program | The program if the reason code. |
| User | The user. |
| Date | The date the reason became inactive. |
| Event | A – Add
C – Change D – Delete |
| Description | A description of the reason code. |
In addition to the options, there is one function key exit:
| Function Key | Task |
|---|---|
| Exit Program (F3) | Returns to the Database Audit Manager (G946). |
2.13 Electronic Signature (P98208)
An electronic signature is validation of the user credentials, a confirmation that the user identity is known and has been established. The electronic signature is carried along with the transaction for auditing trail and logging purposes.
You are prompted for credential validation before continuing with this database transaction because the Database Audit Manager is monitoring the file and transactions to this file require an electronic signature.
The Electronic Signature (P98208) screen has the following fields:
| Field | Explanation |
|---|---|
| User | The User ID. |
| Password | The password for the User ID. |
| Transaction Description Note | The text provided for the transaction performed. |
The Electronic Signature (P98208) screen has the following function key:
| Function Key | Task |
|---|---|
| Exit Program (F3) | Returns to calling program. |
| Associated Text (F14) | Displays the Associated Text (P98209D) screen, allowing additional text to be attached to the audit file record. |
2.14 Associated Text Search (P98209)
The Associated Text Search display is used to access associated text. Various search criteria can be specified to zero in on specific items.
Figure 2-14 Associated Text Search screen
Description of "Figure 2-14 Associated Text Search screen"
The Associated Text Search (P98209) screen has the following fields:
| Field | Explanation |
|---|---|
| Author | The IBM-defined user profile. |
| Subject | Displays the Selection List (P98209X) screen. |
| Category | Displays the Selection List (P98209X) screen. |
| From Date | Displays the Calendar. |
| Audit Log File | Displays the Selection List (P98209X) screen. |
| Through Date | Displays the Calendar. |
| Audit Log Lib | Displays the Selection List (P98209X) screen. |
The Associated Text Search (P98209) screen has the following options:
| Option | Task |
|---|---|
| 1 | Work With Text Header. |
| 2 | Work With Associated Text. |
The Associated Text Search (P98209) screen has the following function key exits:
| Function Key | Task |
|---|---|
| Exit Program (F3) | Returns to calling program. |
2.15 Associated Text Properties (P98209H)
The Associated Text Properties panel is used to label text with a title, subject, and category, and also associate the text with a document connected by a URL. The URL can be a hotlink to an IFS directory or a server accessible through your web browser.
Figure 2-15 Associated Text Properties Window
Description of "Figure 2-15 Associated Text Properties Window"
The Associated Text Properties (P98209H) screen has the following fields:
| Field | Explanation |
|---|---|
| Template | Identifies the group of text as a template. |
| Title | Title name given to a group of text. |
| Subject | Displays the Selection List (P98209X) screen. |
| Category | Displays the Selection List (P98209X) screen. |
| Hyperlink to external document (URL/IFS) | Hyperlink to a document that is associated with this group of text. |
The Associated Text Properties (P98209H) screen has the following function key exit:
| Function Key | Task |
|---|---|
| Exit Program (F3) | Returns to calling program. |
2.16 Associated Text (P98209D)
The associated text editor enables free form text entry. Editing functions and capabilities are more robust than the Generic Text editor. Work is saved in a temporary workspace then applied to the production file upon exiting the editor.
The Associated Text (P98209D) screen has the following fields:
| Field | Explanation |
|---|---|
| Find | Search criteria you need to find. |
| Go To Page | The system takes you to the page number you typed, if it is available. |
| Editor | Free form text entry. |
The Associated Text (P98209D) screen has the following function key exits:
| Function Key | Task |
|---|---|
| Exit Program (F3) | Returns to calling program. |
| Position Cursor to Command Line (F10) | Position Cursor to Command Line. |
| Position Cursor to Page Number (F11) | Position Cursor to Page Number. |
| Toggle Command Line Display (F13) | Toggle Command Line Display. |
| Insert Line at Cursor Position (F14) | Insert Line at Cursor Position. |
| Split Text Line at Cursor Position (F15) | Split Text Line at Cursor Position. |
| Scan Forward for Text from Cursor (F16) | Scan Forward for Text from Cursor. |
| Scan Backwards for Text from Cursor (F17) | Scan Backwards for Text from Cursor. |
| Copy Text Line at Cursor Position (F18) | Copy Text Line at Cursor Position. |
| Merge Text Line Below up to Cursor Line (F19) | Merge Text Line Below up to Cursor Line. |
| Display Text Properties (F20) | Display Text Properties. |
| Delete Line at Cursor Position (F23) | Delete Line at Cursor Position. |
2.17 Selection List (P98209X)
The Associated Text Search Selection List (P98209X) is the cursor help program for the Associated Text Search program. Since the descriptive columns such as subject, category, etc. are free form entry fields, this window will dynamically build the query list to display all values for the requested column you selected.
The Selection List (P98209X) screen has the following fields:
| Field | Explanation |
|---|---|
| Description | A description of the available selections. |
The Selection List (P98209X) screen has the following function key exit:
| Function Key | Task |
|---|---|
| Exit Program (F3) | Returns to calling program. |