Data retrieval and restoration can be a tedious task if users deliberately or accidentally manipulate iSeries data. When system security is compromised, administrators must frequently ask who, what, when, where, and how. Although the iSeries has several audit logs and trigger devices to monitor system events, it lacks the front-end mechanisms to notify administrators of sensitive data modifications to enable efficient monitoring, identification, and retrieval of altered data. Dynamic Systems Solutions, Inc.'s (DSS) Auditron400 software helps you maintain data integrity. It can track, capture, and report sensitive field-level data modifications in any iSeries database. It also maintains a historical modifications reference for audit and control.

Auditron400 captures and reports the before and after images of any field's additions, changes, or deletions to facilitate the prompt retrieval and accurate restoration of original values. It also displays detailed job information (e.g., program, user, date, time of modification). You can create customized online inquiries and reports to investigate audit results. A comprehensive set of tools lets you manage and control system security by monitoring sensitive data for potential threats, which reduces time and resources needed to investigate, retrieve, and restore original settings.

A custom installation procedure lets you quickly implement Auditron400 right out of the box. After you enter a few pieces of information, the software installs automatically and takes you to the main menu (Figure 1) in approximately 10 to 15 minutes.

Set Up Files and Fields for Audit

Authorized administrators can selectively choose files and fields to monitor and then create their own custom audit logs for control and reporting. The customizable reports and inquiries are flexible enough that administrators can directly access desired information without filtering through massive audit logs. In addition, the software can link additional reporting fields to the audited fields to display how data modifications affect related system applications.

To select files and fields for auditing, you must first build the audit database. To do so, you enter the libraries that contain the files and fields to monitor, and the application automatically creates the database. Figure 2 shows the Define Files to Audit display (option 2 on the main menu), where you enter the library name. The application then prompts a listing of that library's files. You select the file that holds the fields to be monitored, and the system automatically provides a listing of that file's fields. Now, you select the fields for which Auditron400 will track modifications.

In addition, the software can assign additional reporting fields to a field being audited. It doesn't monitor these additional fields for changes, but when audited fields are modified, Auditron400 reports the additional field's values, which provides a greater view of the data alterations' impact. You can also categorize audited fields by their severity level and assign message warnings for individual fields to be displayed in both the online inquiry and report.

Select Message-Alert Features

To maintain data integrity and provide system security, Auditron400 can notify specified users of data modifications. After selecting the files, fields, and additional reporting fields to monitor, authorized users can set up message-warning features for the appropriate parties. Specified users simply return to Define Files to Audit, choose option 7 at the bottom of the display, and select the file for which the message warning is to be set. The Message Alert window (Figure 3) prompts them to enter user IDs for the appropriate parties. The software then notifies select users of any alteration via AS/400 Message Break. The message provides information about the library, file, and field modified to enable immediate restoration of original settings.

Investigate Audit Results and Restore Data

Investigating and identifying data changes are perhaps the most difficult tasks of maintaining data integrity. Auditron400 provides a customizable online inquiry and user-controlled report to eliminate this time-consuming process. With the highly selective reporting features, you can report on specific elements instead of producing global reports filled with unnecessary information.

In the online Auditron Information Inquiry in Figure 4 (option 4 on the main menu), authorized users can access audit results by file, field, additional reporting field, user ID, date, time, transaction type, and more. Select option 1 on this inquiry screen to view additional reporting field values and assigned message warnings. Choosing option 2 displays the job information (e.g., date, time, user, program used for modification) and the selected fields' before and after field values.

Figure 5 shows Auditron400's Audit Report (option 5 on the main menu), which offers many user-controlled selection criteria to create a concise and easy-to-read data-modifications report. Users can limit or expand the report contents by selecting date ranges, time ranges, libraries, files, fields, severity levels, user IDs, transaction types, and additional reporting field values. The reports provide complete job information, additional reporting field values, and assigned text message warnings to enable accurate restoration of prior settings.

Maintain Data Integrity

Regardless of a network's size or configuration, the threat of users inadvertently or intentionally manipulating sensitive data is always present. Data modifications can cause serious and damaging consequences to a business's daily processes. Auditron400 can notify you immediately of compromising alterations, so you can efficiently restore settings and maintain data integrity.

Shana Zumpano is the manager of product sales and marketing for Dynamic Systems Solutions, Inc.