How to Audit and Monitor BI Publisher Reports Access?

Loupe_Audit

Do you know who is accessing to which report at what time at your reporting environment ? As you delivered the BI Publisher reports to the production environment and your users start using them as part of their daily business operations you might wonder such questions.

With compliance becoming an integral part of any business requirement, auditing your reporting environment is also becoming one of the most critical and hot agenda in today’s enterprise reporting deployments. Also, I believe that auditing the reporting environment is not just for the compliance, but also the way to understand how your users are using the reports and be able to improve the user reporting experience.

BI Publisher have introduced Enterprise Level Auditing feature with its 11G release, with an integration of Oracle Fusion Middleware Audit Framework, which comes out of the box with the installation. Yes, this is another great example of the benefit of its tight integration with Fusion Middleware introduced with BI Publisher 11g release.

What Information Can I Know about our Reporting Environment?

With this new Auditing feature you can now gain the following insights.

  • When a particular user login or logout
  • What report is accessed by who and when and how
  • How long does it take to process a particular report

Yes, it’s all there. This is a great news for 10G users, right ? I used to be one of them working with many different IT organizations and were craving for this, but it’s here now with 11G!

How Can I Access to the Auditing Information?

With the Fusion Middleware Auditing Framework, BI Publisher feed such information either to a log file or to a database. If you decided to get the data into the database then, of course you know, you can use BI Publisher to report and publish, or visualize the data to gain more insights. One thing though, in order to feed the data it requires a few extra steps, which I’ll cover it later. 

Regardless of whether it’s the log file or the database to store the Auditing data, first, you need to enable the Auditing feature, which is not enabled as default. So, let’s take a look at how to enable it.

How to Enable Auditing Feature?

Here is a quick list of the steps:

  1. Enable Auditing related properties in BI Publisher configuration file
  2. Copy component_events.xml file to Fusion Middleware Audit Framework’s location
  3. Enable Auditing Policy with Fusion Middleware Control (Enterprise Manager)
  4. Restart WebLogic Server

Enable Auditing related properties in BI Publisher configuration file

  1. Open xmlp-server-config.xml file, which is located under $BI_HOME/ user_projects/domains/bifoundation_domain/config/bipublisher/repository/Admin/Configuration directory.
  2. Set the following three properties values to ‘true’.
  • AUDIT_ENABLED
  • MONITORING_ENABLED
  • AUDIT_JPS_INTEGRATION
  • The ‘AUDIT_JPS_INTEGRATION’ is not in the file as default, so you need to add this. Here is an example of how it looks for the xmlp-server-config.xml file after the modification.

    <?xml version="1.0" encoding="UTF-8" standalone="no"?><xmlpConfigxmlns="http://xmlns.oracle.com/oxp/xmlp">

    <property name="SAW_SERVER" value="adc6160510"/>

    <property name="SAW_SESSION_TIMEOUT" value="90"/>

    <property name="DEBUG_LEVEL" value="exception"/>

    <property name="SAW_PORT" value="7001"/>

    <property name="SAW_PASSWORD" value=""/>

    <property name="SAW_PROTOCOL" value="http"/>

    <property name="SAW_VERSION" value="v6"/>

    <property name="SAW_USERNAME" value=""/>

    <property name="SAW_URL_SUFFIX" value="analytics/saw.dll"/>

    <property name="MONITORING_ENABLED" value="true"/>

    <property name="MONITORING_DEFAULT_HISTORY_SIZE" value="30"/>

    <property name="AUDIT_ENABLED" value="true"/>

    <property name="JSESSION_RESET_DISABLED" value="true"/>

    <property name="SECURITY_MODEL" value="ORACLE_AS_JPS"/>

    <property name="AUDIT_JPS_INTEGRATION" value="true"/>

    </xmlpConfig>

     

    Copy component_events.xml file to Audit Framework’s location

    There is a Audit related configuration file provided by BI Publisher that needs to be copied to the Audit Framework location.

    1. Go to the following directory.

    $BI_HOME /oracle_common/modules/oracle.iau_11.1.1/components

    2. Create a directory called ‘xmlpserver’

    3. Copy component_events.xml file from

    /user_projects/domains/bifoundation_domain/config/bipublisher/repository/Admin/Audit

    To

    the newly created ‘xmlpserver’ directory.

    Enable Auditing Policy with Fusion Middleware Control (EM)

    Now you can set a level of the auditing for each BI Publisher’s auditing type by using Fusion Middleware Control (a.k.a. Enterprise Manager).

    1. Login to Fusion Middleware Control UI

    http://hostname:port/em (e.g. reporting.oracle.com:7001/em)

    2. Access to Audit Policy configuration UI from the menu

    Under WebLogic Domain, right-click bifoundation_domain, select Security and then click Audit Policy.

    clip_image002

     

    3. Set Audit Level for BI Publisher.

    While you can select ‘Custom’ to set a customized level of Auditing for each component, I’m selecting ‘Medium’ for this exercise.

    clip_image004

     

    Restart WebLogic Server

    After all the above settings, now you need to restart the WebLogic Server instance in order to take those changes in effect. If you’re on Windows you can simply do this by selecting ‘Stop BI Servers’ and ‘Start BI Servers’ from the Start menu.

    clip_image006

    If you’re on Linux then you can run ‘stopWebLogic.sh’ and ‘startWebLogic.sh’, which can be found under $BI_HOME/user_projects/domains/bifoundation_domain/bin

    Start Auditing!

    Now assuming that you have completed the above steps successfully, then from this point on any reporting activity should be audited and stored in the auditing log file, which can be found at $BI_HOME/user_projects/domains/bifoundation_domain/servers/AdminServer/logs/auditlogs/xmlpserver/audit.log

    And here is a sample of the log file:

    2011-02-18 02:25:49.928 "" "ReportRendering" true - "82d4bdc47b99b33c:-7e3f334f:12e365c4d9c:-8000-0000000000000022,0" - - - - "bipublisher(11.1.1)" "ReportExecution" "200" "" "/Sample Lite/Published Reporting/Reports/Balance Letter.xdo" "pdf" "RTF Corp Styles" "en_US" - - - - - - - - - - - - - - 86608512 486989824 24517 169 - - -

    2011-02-18 02:25:49.929 "steve.jobs" "ReportRequest" true - "82d4bdc47b99b33c:-7e3f334f:12e365c4d9c:-8000-0000000000000022,0" - - - - "bipublisher(11.1.1)" "ReportAccess" "200" "" "" "pdf" "RTF Corp Styles" - - - true - - - - - - - - - - - - - - - - - -

    2011-02-18 03:25:49.554 "" "ReportDataProcess" true - "82d4bdc47b99b33c:-7e3f334f:12e365c4d9c:-8000-0000000000000022,0" - - - - "bipublisher(11.1.1)" "ReportExecution" "260" "" "/Sample Lite/Published Reporting/Reports/Balance Letter.xdo" - - - - - - - - - - - - - - - - - 34980200 554033152 - 134 - - -

    2011-02-18 03:25:50.282 "" "ReportRendering" true - "82d4bdc47b99b33c:-7e3f334f:12e365c4d9c:-8000-0000000000000022,0" - - - - "bipublisher(11.1.1)" "ReportExecution" "263" "" "/Sample Lite/Published Reporting/Reports/Balance Letter.xdo" "pdf" "RTF Corp Styles" "en_US" - - - - - - - - - - - - - - 16158944 554033152 24517 503 - - -

    2011-02-18 03:25:50.282 "steve.jobs" "ReportRequest" true - "82d4bdc47b99b33c:-7e3f334f:12e365c4d9c:-8000-0000000000000022,0" - - - - "bipublisher(11.1.1)" "ReportAccess" "263" "" "" "pdf" "RTF Corp Styles" - - - true - - - - - - - - - - - - - - - - - -

    2011-02-18 03:30:00.448 "barack.obama" "UserLogin" true - "82d4bdc47b99b33c:-7e3f334f:12e365c4d9c:-8000-0000000000000406,0" - - - - "bipublisher(11.1.1)" "UserSession" "26" "" - - - - - - - - - - - - - - - - - - - - - - - - -

    From the above log file you can tell a user ‘steve.jobs’ was running some reports like ‘Balance Letter’ around afternoon on 2/18 and another user ‘barack.obama’ logged into the system at 3:30 on the same day. Yes, every login and log out will be recorded, and every report access will be recorded in this log file.

    Now, looking at this text file to understand what’s going on is pretty overwhelming. And accessing to this log file, which is located at the server’s file system where the BI Publisher/WebLogic Server are running, is another challenge in typical deployment scenarios. And that’s where the database storage option for the Auditing data  comes into a picture. I’ll talk about this tomorrow, so stay tuned!

     

    Follow bipublisher on Twitter

    Comments:

    Post a Comment:
    • HTML Syntax: NOT allowed
    About

    Follow bipublisher on Twitter Find Us on Facebook BI Publisher Youtube ChannelDiscussion Forum

    Join our BI Publisher community to get the most and keep updated with the latest news, How-to, Solutions! Share your feedback and let us hear your voice @bipublisher on Twitter, on our official Facebook page, and Youtube!

    Search

    Archives
    « April 2014
    SunMonTueWedThuFriSat
      
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
       
           
    Today