Creating custom audit reports

This section contains information to help you understand the auditing database and the information it records about audit actions. With this information, you can use Crystal Reports to create custom audit reports of user and system actions.

See your Crystal Reports User's Guide for full instructions on creating reports.

Auditing database schema reference

For every audit action that it records, Crystal Enterprise collects the set of information outlined here. Not every field will be recorded for each audit action; for example, there is no object ID associated with a successful user logon.

Note: Crystal Enterprise uses the LVARCHAR data type on Informix databases, rather than NVARCHAR.

.

Field Type Detail

EventID

VARCHAR(64)

String that uniquely identifies each audit record in the database. Primary key for table.

AuditID

DECIMAL 9(10,0)

Number that uniquely identifies the type of action the entry represents. See the AuditID and AuditString reference for details.

MachineName

NVARCHAR(255)

Machine name of the server that produced the action.

FriendlyName

NVARCHAR(255)

Friendly name of the server that produced the action. The server's friendly name is the name displayed in the CMC. The default friendly name is hostname.servertype.

UserID

DECIMAL 9(10,0)

Info Object ID of user who performed the action. This number uniquely identifies a user.

UserName

NVARCHAR(255)

Name of user who performed the action.

UserGroups

NVARCHAR(255)

Group or groups that the user belongs to. If user belongs to more than one group, the names are separated by the | character.

ObjectID

DECIMAL 9(10,0)

Info Object ID of object associated with the action. This number uniquely identifies an object. This field may be empty if there is no object associated with an audit action.

ObjectName

NVARCHAR(255)

Name of the object. For example, if the object is a report, this field will hold the name of the report.

ObjectType

NVARCHAR(255)

Type of object. For example an object may be a report, a folder, an object package or a program object.

ObjectPath

NVARCHAR(255)

Path to object. The path is included because the object name may not be unique.

SessionID

DECIMAL 9(10,0)

Each time a user logs on, they are granted a session ID. This field may be empty if the action being audited is not associated with a user session. For example, a user can schedule a job to run overnight, when they are not logged onto Crystal Enterprise. The audit record showing the success or failure of this job will not have a session ID.

Timestamp

VARCHAR(64)

Time of action in UTC (Coordinated Universal Time) to the nearest millisecond. The time stamp is created by the server recording the action in its log file, and includes any correction necessary to synchronize with CMS time.

You may want to correct this time to your local time zone when creating audit reports.

Version

VARCHAR(16)

Version of Crystal Enterprise on server that produced the action.

Language

NVARCHAR(32)

Language of Crystal Enterprise server that produced the action.

SrcPrefix

NVARCHAR(32)

String representing the type of server that produced the action.
Possible values: cms, jobserver, eventserver, cacheserver, rptappserver.

AuditString

NTEXT (16)

Text string that describes audit action. See AuditID and AuditString reference for a complete list of audit strings.

Field	Type	Detail
EventID	VARCHAR(64)	String that uniquely identifies each audit record in the database. Primary key for table.
AuditID	DECIMAL 9(10,0)	Number that uniquely identifies the type of action the entry represents. See the AuditID and AuditString reference for details.
MachineName	NVARCHAR(255)	Machine name of the server that produced the action.
FriendlyName	NVARCHAR(255)	Friendly name of the server that produced the action. The server's friendly name is the name displayed in the CMC. The default friendly name is `hostname.servertype.`
UserID	DECIMAL 9(10,0)	Info Object ID of user who performed the action. This number uniquely identifies a user.
UserName	NVARCHAR(255)	Name of user who performed the action.
UserGroups	NVARCHAR(255)	Group or groups that the user belongs to. If user belongs to more than one group, the names are separated by the \| character.
ObjectID	DECIMAL 9(10,0)	Info Object ID of object associated with the action. This number uniquely identifies an object. This field may be empty if there is no object associated with an audit action.
ObjectName	NVARCHAR(255)	Name of the object. For example, if the object is a report, this field will hold the name of the report.
ObjectType	NVARCHAR(255)	Type of object. For example an object may be a report, a folder, an object package or a program object.
ObjectPath	NVARCHAR(255)	Path to object. The path is included because the object name may not be unique.
SessionID	DECIMAL 9(10,0)	Each time a user logs on, they are granted a session ID. This field may be empty if the action being audited is not associated with a user session. For example, a user can schedule a job to run overnight, when they are not logged onto Crystal Enterprise. The audit record showing the success or failure of this job will not have a session ID.
Timestamp	VARCHAR(64)	Time of action in UTC (Coordinated Universal Time) to the nearest millisecond. The time stamp is created by the server recording the action in its log file, and includes any correction necessary to synchronize with CMS time. You may want to correct this time to your local time zone when creating audit reports.
Version	VARCHAR(16)	Version of Crystal Enterprise on server that produced the action.
Language	NVARCHAR(32)	Language of Crystal Enterprise server that produced the action.
SrcPrefix	NVARCHAR(32)	String representing the type of server that produced the action. Possible values: cms, jobserver, eventserver, cacheserver, rptappserver.
AuditString	NTEXT (16)	Text string that describes audit action. See AuditID and AuditString reference for a complete list of audit strings.

Creating custom audit reports

Auditing database schema reference

Related topics