Auditing in CMS
When any organization use CMS like Alfresco to store their business critical documents Most of the times they will come up with requirement of Auditing where they want to track all user activities on business critical documents to ensure the security and detect potential security breaches. It becomes very important requirement in those cases where documents are very critical and each and every activity on them should be monitored.
How Alfresco support Auditing?
Alfresco does provide this auditing feature out of box where we can easily track those user activities based on our requirements. Below is the overall architecture of Alfresco auditing system although audit configurations has been changed a lot from their preliminary version basic architecture remains same.
Main Building blocks of Alfresco Audit system are
Data Producers: These are the entities which generates data which can be audited. They have no knowledge of how – or even if – data will be stored.
Data Extractor: These are components that use input data to produce some output, either transforming the data or merely outputting the data verbatim. The simplest extractor is the SimpleValueDataExtractor.
Package org.alfresco.repo.audit.extractor and beans auditModel.extractor.* declared in alfresco/audit-services-context.xml full list of all such DataGenerators present in alfresco.
Data Generators: These are components which are also produce audit data when datapath is active but it is not dependent on data path value. For Instance AuthenticatedUserDataGenerator will produce currently authenticated user name
org.alfresco.repo.audit.generator and beans auditModel.generator.* declared in alfresco/audit-services-context.xml contains full list of all such DataGenerators present in alfresco.
Audit Service: This is the service which is used for retrieval of Audit data from database. Once Data is stored in alfresco it is very essential to retrieve it from database so that it could be used to generate reports or show information on alfresco dashlet directly.
Data Paths: These are mappings of audit data with application. So, that whenever particular path from application is active or being invoked respective auditing component is invoked and will track auditing data. For more details on Data path mapping you should refer “Understanding PathMappings” section from this article on alfresco wiki.
Where Audit Data is stored?
Once we enable auditing in Alfresco all audit information is captured on the event and stored in database important audit related tables are as below.
- alf_audit_model: Audit configuration files are recorded here.
- alf_audit_application: An entry for each logical application. There may be several audit applications defined in a single audit model.
- alf_audit_entry: Each call to AuditComponent.recordAuditValues will result in an entry here. There is a reference to a property.
How captured Audit data can be used?
There are many ways we can use audit information captured in alfresco database
Reporting Tool integration: As explained in my previous blog “Alfresco Audit Analysis and Reporting in Alfresco ” We can integrate pentaho Data Mart through AAAR tool which consume alfresco audit data and generate reports in form of pie charts and bar graphs.
Alfresco Audit Dashlet: Alfresco has one audit dashlet which pull audit data from database and show can show that information on dashlet to give audit information to administrator.
This will give you some details about auditing in alfresco.