Security audit/logs for AC6.1/7 | Community
Skip to main content
Y
yetanother_andrey
Level 3
September 27, 2017
Solved

Security audit/logs for AC6.1/7

  • September 27, 2017
  • 2 replies
  • 2635 views

Hi,

Unfortunately, AC data model has the only option to show 'who edited this item last' - Last Modified as a link to Operator who modified the item last time.

This is not enough because often I hear questions from colleagues like 'who modified workflow/delivery/template/campaign, and _what_ was changed?'

For some systems which haven't any security logs we have experience in creating triggers in the database which stores insert/update/delete transactions over particular tables somewhere in external tables/database. But it is not the case as we're using instance hosted by Adobe and don't have direct access to postgres to maintain such solution.

The other theoretical option is to modify soaprouter. As an entry-point of all Console-Server communication it knows exactly what requests are being sent from each user. But, once again, there is no option to modify soaprouter in case of hosted instance.

Does anybody have any experience in organizing any king of security logs/audit to keep track of changes made by users? Or probably there is a planned feature?

Thanks,

Andrey

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by Jean-Serge_Biro

Hi Andrey,

I share your concerns, for another major reason:

because GDPR European law that will apply in May 2018 requires such audit logs functionalities.

Some of these audit logs may be given by underlying RDBMS of course, where audit is done at table/row/column level at least for Oracle and SQL Server RDBMS.


But the GDPR regulation also requires to get logs at functional level: who extracted data for whom, etc.
Such data traceability/ lineage is frequently given by ETL (Extract/Transform/Load) tools such as Informatica, Talend, Microsoft SSIS, etc.

But this question must be addressed by Adobe product and legal teams quickly.

GDPR - Adobe Campaign compliance and tools

Regards
J-Serge

2 replies

Jean-Serge_Biro
Jean-Serge_BiroAccepted solution
Level 10
September 27, 2017

Hi Andrey,

I share your concerns, for another major reason:

because GDPR European law that will apply in May 2018 requires such audit logs functionalities.

Some of these audit logs may be given by underlying RDBMS of course, where audit is done at table/row/column level at least for Oracle and SQL Server RDBMS.


But the GDPR regulation also requires to get logs at functional level: who extracted data for whom, etc.
Such data traceability/ lineage is frequently given by ETL (Extract/Transform/Load) tools such as Informatica, Talend, Microsoft SSIS, etc.

But this question must be addressed by Adobe product and legal teams quickly.

GDPR - Adobe Campaign compliance and tools

Regards
J-Serge

florentlb
florentlb
Level 10
October 10, 2017

Hi Andrey,

There are internal discussions currently going on to address GDPR. I'm gathering some info and hope to be able to share that soon.

Don't hesitate to raise your specific request through our support portal in the meantime.

Florent

Terms & ConditionsAccessibility statement

Loading footer...