Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn More

View all

Sign in to view all badges

Security audit/logs for AC6.1/7

Avatar

Avatar
Validate 10
Level 2
yetanother_andrey
Level 2

Likes

18 likes

Total Posts

31 posts

Correct Reply

1 solution
Top badges earned
Validate 10
Validate 1
Boost 5
Boost 3
Boost 10
View profile

Avatar
Validate 10
Level 2
yetanother_andrey
Level 2

Likes

18 likes

Total Posts

31 posts

Correct Reply

1 solution
Top badges earned
Validate 10
Validate 1
Boost 5
Boost 3
Boost 10
View profile
yetanother_andrey
Level 2

27-09-2017

Hi,

Unfortunately, AC data model has the only option to show 'who edited this item last' - Last Modified as a link to Operator who modified the item last time.

This is not enough because often I hear questions from colleagues like 'who modified workflow/delivery/template/campaign, and _what_ was changed?'

For some systems which haven't any security logs we have experience in creating triggers in the database which stores insert/update/delete transactions over particular tables somewhere in external tables/database. But it is not the case as we're using instance hosted by Adobe and don't have direct access to postgres to maintain such solution.

The other theoretical option is to modify soaprouter. As an entry-point of all Console-Server communication it knows exactly what requests are being sent from each user. But, once again, there is no option to modify soaprouter in case of hosted instance.

Does anybody have any experience in organizing any king of security logs/audit to keep track of changes made by users? Or probably there is a planned feature?

Thanks,

Andrey

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar
Validate 1
MVP
Jean-Serge_Biro
MVP

Likes

353 likes

Total Posts

464 posts

Correct Reply

153 solutions
Top badges earned
Validate 1
Boost 50
Boost 5
Boost 3
Boost 250
View profile

Avatar
Validate 1
MVP
Jean-Serge_Biro
MVP

Likes

353 likes

Total Posts

464 posts

Correct Reply

153 solutions
Top badges earned
Validate 1
Boost 50
Boost 5
Boost 3
Boost 250
View profile
Jean-Serge_Biro
MVP

27-09-2017

Hi Andrey,

I share your concerns, for another major reason:

because GDPR European law that will apply in May 2018 requires such audit logs functionalities.

Some of these audit logs may be given by underlying RDBMS of course, where audit is done at table/row/column level at least for Oracle and SQL Server RDBMS.


But the GDPR regulation also requires to get logs at functional level: who extracted data for whom, etc.
Such data traceability/ lineage is frequently given by ETL (Extract/Transform/Load) tools such as Informatica, Talend, Microsoft SSIS, etc.

But this question must be addressed by Adobe product and legal teams quickly.

GDPR - Adobe Campaign compliance and tools

Regards
J-Serge

Answers (1)

Answers (1)

Avatar

Avatar
Give Back 50
Level 10
florentlb
Level 10

Likes

236 likes

Total Posts

1,109 posts

Correct Reply

239 solutions
Top badges earned
Give Back 50
Give Back 5
Give Back 3
Give Back 25
Give Back 200
View profile

Avatar
Give Back 50
Level 10
florentlb
Level 10

Likes

236 likes

Total Posts

1,109 posts

Correct Reply

239 solutions
Top badges earned
Give Back 50
Give Back 5
Give Back 3
Give Back 25
Give Back 200
View profile
florentlb
Level 10

10-10-2017

Hi Andrey,

There are internal discussions currently going on to address GDPR. I'm gathering some info and hope to be able to share that soon.

Don't hesitate to raise your specific request through our support portal in the meantime.

Florent