About the Access Log

You can enable access logs that provide auditing of all access right grants and denials on a client’s system.

Linux systems make use of the Linux syslog(3) interface to log, write, or forward messages to designated files or users. Windows systems use the Application Event Log. Because these O/S logging facilities are utilized, existing auditing tools can be modified easily to include the 3DSpace access log.

See Also
Log Output
Enabling the Access Log
Error Log and Disk Space

3DSpace checks user access definitions in the business object’s governing Policy. Access can also be defined on Relationships (to/from/connect/disconnect, changetype, freeze, thaw, modifyattributes), Attributes (read, modify), Forms (viewform, modifyform) and Programs (execute) by assigning Rules. The access log includes information on where the access was granted—by virtue of the object being in which state in the Policy, or by the existence of what Rule, and the user being part of which Group or Role. The access log also includes the name, IP address, and mac address of the machine used to access the object.

Note: An entry is added only when access is checked. This means that since access is never checked for a user defined as a System Administrator, no log output is generated for this type of user. Additionally, although access may be allowed, this does not infer that the action was successfully completed.