How to add a lot of tables to the OpenEdge PSC-App-Tables auditing policy?

Question

we have added a group of tables of our OpenEdge database, to the PSC default policy. And it went really good for more than a year.

Now our new CIO wants every table of the database to be included.

We tried to disuade him, we explained, but....

So, there is a lot of tables. I'm looking a way to add them without typing everything.

I created an XML file with all the new tables, using the same format and tried to import it as a new policy. But the Audit Policy Maintenance doesn't accept it. The error message is The file C:\Tmp\archivos-agregar.xml has changed since it was exported or it does not contain the seal information.

Of course it doesn't, I made it.

And here I am right now, asking for your help. Is there a way to enter a lot of tables in this policy?

This is a sample of the XML file:

    ***<?xml version="1.0" encoding="UTF-8"?>
    <Policies>
      <Policy GUID="Mercadeo" Name="PSC-App-Tablas">
        <policy-properties>
          <_Audit-policy-description>Database record CUD operations</_Audit-policy-description>
          <_Audit-data-security-level>0</_Audit-data-security-level>
          <_Audit-custom-detail-level>0</_Audit-custom-detail-level>
          <_Audit-policy-active>YES</_Audit-policy-active>
        </policy-properties>
    <audit-table Name="admaplic" Owner="PUB">
    <_Audit-create-level>2</_Audit-create-level>
    <_Create-event-id>5100</_Create-event-id>
    <_Audit-update-level>3</_Audit-update-level>
    <_Update-event-id>5101</_Update-event-id>
    <_Audit-delete-level>2</_Audit-delete-level>
    <_Delete-event-id>5102</_Delete-event-id>
    </audit-table>
    
    (lot of files here)
    
    <audit-table Name="xopeprodalm" Owner="PUB">
    <_Audit-create-level>2</_Audit-create-level>
    <_Create-event-id>5100</_Create-event-id>
    <_Audit-update-level>3</_Audit-update-level>
    <_Update-event-id>5101</_Update-event-id>
    <_Audit-delete-level>2</_Audit-delete-level>
    <_Delete-event-id>5102</_Delete-event-id>
    </audit-table>
        <audit-event Event-id="5100">
          <_Event-level>1</_Event-level>
          <_Event-criteria></_Event-criteria>
        </audit-event>
        <audit-event Event-id="5101">
          <_Event-level>1</_Event-level>
          <_Event-criteria></_Event-criteria>
        </audit-event>
        <audit-event Event-id="5102">
          <_Event-level>1</_Event-level>
          <_Event-criteria></_Event-criteria>
        </audit-event>
        <audit-event Event-id="32000">
          <_Event-level>2</_Event-level>
          <_Event-criteria></_Event-criteria>
        </audit-event>
      </Policy>
    </Policies>***

EDIT Feb. 2, 2023: My guy listened to the performance argument and I selected a reasonable number of main tables that I have entered manually. This solves "my" problem. Thanks to Tom.

Does your CIO know that "audit everything" could result in performance being reduced to 10% of normal? Or worse. Not a loss of 10% but 10% OF what it normally is. Worst case "audit everything" could result in *hundreds* of write operations where there was previously just one... Ok, you _probably_ won't see the very worst case but even the best case means doubling the number of writes. — Tom Bascom, Jan 31 '23 at 14:57
I told him about the disk space but not about the number of writes. I'll insist, thank you. But I guess there will be no effect. — Ezequiel, Jan 31 '23 at 19:36

Tom Bascom · Accepted Answer · 2023-01-31T14:42:07.347

4

There is an API that you can use instead of the GUI tool. It is documented here: https://docs.progress.com/bundle/openedge-programming-interfaces/page/Generic-utility-API.html

There are also a bunch of kbase articles on programmaticly updating audit policies that could be helpful.

This article: https://community.progress.com/s/article/P126837 might be particularly helpful as it provides an example of coding a utility for the TTY world.

edited Jan 31 '23 at 14:42

answered Jan 31 '23 at 12:47

Tom Bascom

13,405
2
27
33

1

I also thought that I had some sample code but I cannot find it, sorry. But the link above does indicate that the source for the policy management tool is available so, worst case, you should be able to modify that to read a list of tables from a file or some other headless approach. – Tom Bascom Jan 31 '23 at 14:10
1

I followed the instructions for the API solution but it happens my Openedge to be 11.6.4, and there is a bug on 11.6 than prevents me from this little success. There is a solution in a KB article but my boss finally agreed to set only the main tables. – Ezequiel Feb 03 '23 at 21:07

How to add a lot of tables to the OpenEdge PSC-App-Tables auditing policy?

1 Answers1