Expand my Community achievements bar.

We are excited to introduce our latest innovation to enhance the Adobe Campaign user experience — the Adobe Campaign v8 Web User Interface!
Read More
SOLVED

Security audit/logs for AC6.1/7

Avatar

Level 3
Level 3
9/27/17 8:02:44 AM

Hi,

Unfortunately, AC data model has the only option to show 'who edited this item last' - Last Modified as a link to Operator who modified the item last time.

This is not enough because often I hear questions from colleagues like 'who modified workflow/delivery/template/campaign, and _what_ was changed?'

For some systems which haven't any security logs we have experience in creating triggers in the database which stores insert/update/delete transactions over particular tables somewhere in external tables/database. But it is not the case as we're using instance hosted by Adobe and don't have direct access to postgres to maintain such solution.

The other theoretical option is to modify soaprouter. As an entry-point of all Console-Server communication it knows exactly what requests are being sent from each user. But, once again, there is no option to modify soaprouter in case of hosted instance.

Does anybody have any experience in organizing any king of security logs/audit to keep track of changes made by users? Or probably there is a planned feature?

Thanks,

Andrey

Views

2.2K

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Level 10
Level 10
9/27/17 8:15:21 AM

Hi Andrey,

I share your concerns, for another major reason:

because GDPR European law that will apply in May 2018 requires such audit logs functionalities.

Some of these audit logs may be given by underlying RDBMS of course, where audit is done at table/row/column level at least for Oracle and SQL Server RDBMS.


But the GDPR regulation also requires to get logs at functional level: who extracted data for whom, etc.
Such data traceability/ lineage is frequently given by ETL (Extract/Transform/Load) tools such as Informatica, Talend, Microsoft SSIS, etc.

But this question must be addressed by Adobe product and legal teams quickly.

GDPR - Adobe Campaign compliance and tools

Regards
J-Serge

View solution in original post

Views

1.5K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
2 Replies

Avatar

Correct answer by
Level 10
Level 10
9/27/17 8:15:21 AM

Hi Andrey,

I share your concerns, for another major reason:

because GDPR European law that will apply in May 2018 requires such audit logs functionalities.

Some of these audit logs may be given by underlying RDBMS of course, where audit is done at table/row/column level at least for Oracle and SQL Server RDBMS.


But the GDPR regulation also requires to get logs at functional level: who extracted data for whom, etc.
Such data traceability/ lineage is frequently given by ETL (Extract/Transform/Load) tools such as Informatica, Talend, Microsoft SSIS, etc.

But this question must be addressed by Adobe product and legal teams quickly.

GDPR - Adobe Campaign compliance and tools

Regards
J-Serge

Views

1.5K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 10
Level 10
10/10/17 5:55:47 AM

Hi Andrey,

There are internal discussions currently going on to address GDPR. I'm gathering some info and hope to be able to share that soon.

Don't hesitate to raise your specific request through our support portal in the meantime.

Florent

Views

1.7K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate