+ Post New Thread
Page 2 of 2 FirstFirst 12
Results 16 to 29 of 29
MIS Systems Thread, SIMS.net change request in Technical; To be fair, logins is done via the Event Logs currently. Changes in data, ok, you could use SQL but ...
  1. #16

    matt40k's Avatar
    Join Date
    Jun 2008
    Location
    Ipswich
    Posts
    4,433
    Thank Post
    368
    Thanked 646 Times in 528 Posts
    Rep Power
    159
    To be fair, logins is done via the Event Logs currently. Changes in data, ok, you could use SQL but ideally you want this outside of SQL, after all, if someone's hacked your SQL database, you don't want your logins in the SQL database. They could use Log4net or NLog then log it off to a separate database, log file, logging service (such as a syslog server(. Ironically they're distrubuting Log4Net as part of the standard sims client. NLog and Log4Net are both flexiable enough, they could just start getting it to output to it, then users could define it themselves where it goes from there. If it isn't define, it doesn't get logged. Simple.

  2. #17

    GREED's Avatar
    Join Date
    Mar 2008
    Location
    Portsmouth
    Posts
    3,072
    Thank Post
    377
    Thanked 380 Times in 309 Posts
    Blog Entries
    8
    Rep Power
    178
    @matt40k logins shouldn't be a problem. not passwords or the likes obviously. The usernames are the key part you want to know about. if your db is hacked the usernames might not get you very far. They could be easy to guess. Further integration with AD cold help with that?

  3. #18

    matt40k's Avatar
    Join Date
    Jun 2008
    Location
    Ipswich
    Posts
    4,433
    Thank Post
    368
    Thanked 646 Times in 528 Posts
    Rep Power
    159
    Missing my point @GREED, the point of audit logins is that if you do something, it's trace able. If someones done something it should be audit, regardless of access rights, and they shouldn't be able to wipe it. I suppose until access is limited to only via the application \ api it's all pretty pointless and limited.

    On enterprise system you have dual audit logs, one local and one central, if the local doesnt' match the central, you have a call logged with a reason why - normally you had to clear it due to disc space. It's also handy when your working across systems, such as all your SQL servers getting "random" failed logins from a guy in china - or when you use a reverse proxy.

    Actually doesn't a certain MIS system support Syslog out of the box to do such auditing?

  4. #19

    jinnantonnixx's Avatar
    Join Date
    Mar 2011
    Location
    In the Calamatorium.
    Posts
    1,991
    Thank Post
    114
    Thanked 507 Times in 342 Posts
    Blog Entries
    2
    Rep Power
    286
    It's perfectly possible to do this; one approach would be to set up triggers on key tables (tables that you find particularly interesting) and create one trigger for an insert, one for update and another for delete.
    The triggers could write the SQLuser, date and time (and I think IP address, but I haven't checked) to a simple shadow table, something like
    User/Table_accessed/Date/Time/IP/Action (Insert/Update/Delete)

    And because we're using triggers from the SQL server, rather than the stored procedures or a logging function from within the SIMS app, it would record activity even if someone hacked it outside of the SIMS application, recording who did something, an indication of what they did and when they did it.

    But this is certainly NOT something to try during a free 5 minutes.
    Last edited by jinnantonnixx; 27th February 2012 at 02:25 PM.

  5. #20

    GREED's Avatar
    Join Date
    Mar 2008
    Location
    Portsmouth
    Posts
    3,072
    Thank Post
    377
    Thanked 380 Times in 309 Posts
    Blog Entries
    8
    Rep Power
    178
    Quote Originally Posted by matt40k View Post
    Missing my point @GREED, the point of audit logins is that if you do something, it's trace able. If someones done something it should be audit, regardless of access rights, and they shouldn't be able to wipe it. I suppose until access is limited to only via the application \ api it's all pretty pointless and limited.

    On enterprise system you have dual audit logs, one local and one central, if the local doesnt' match the central, you have a call logged with a reason why - normally you had to clear it due to disc space. It's also handy when your working across systems, such as all your SQL servers getting "random" failed logins from a guy in china - or when you use a reverse proxy.

    Actually doesn't a certain MIS system support Syslog out of the box to do such auditing?
    Ahhhh I understand what you mean now, so someone hacks to remove their activity from the system. Good point!

    Your right there is an MIS that supports auditing and logging.

  6. #21

    matt40k's Avatar
    Join Date
    Jun 2008
    Location
    Ipswich
    Posts
    4,433
    Thank Post
    368
    Thanked 646 Times in 528 Posts
    Rep Power
    159
    So you could create a trigger that if user who hasn't access the database via the application it then logs it (via a store procedure)? Umm... why hasn't Capita done this? Or maybe they have

  7. #22

    GREED's Avatar
    Join Date
    Mar 2008
    Location
    Portsmouth
    Posts
    3,072
    Thank Post
    377
    Thanked 380 Times in 309 Posts
    Blog Entries
    8
    Rep Power
    178
    Quote Originally Posted by matt40k View Post
    So you could create a trigger that if user who hasn't access the database via the application it then logs it (via a store procedure)? Umm... why hasn't Capita done this? Or maybe they have
    Performance overhead?

  8. #23

    jinnantonnixx's Avatar
    Join Date
    Mar 2011
    Location
    In the Calamatorium.
    Posts
    1,991
    Thank Post
    114
    Thanked 507 Times in 342 Posts
    Blog Entries
    2
    Rep Power
    286
    Quote Originally Posted by GREED View Post
    Performance overhead?
    Possibly. Ain't nothing free in this world. I do know, though, that triggers will work; we wrote a financial app using triggers to do something similar.
    Last edited by jinnantonnixx; 27th February 2012 at 02:25 PM.

  9. #24

    GREED's Avatar
    Join Date
    Mar 2008
    Location
    Portsmouth
    Posts
    3,072
    Thank Post
    377
    Thanked 380 Times in 309 Posts
    Blog Entries
    8
    Rep Power
    178
    Quote Originally Posted by jinnantonnixx View Post
    Possibly. Ain't nothing free in this world. I do know, though, that triggers will work; we have a financial app using triggers to do something similar.
    I am just forseeing how many triggers could be... err.. triggered given the right situation and could bring they system to a halt. Unlikely, but is likely to be a consideration.

  10. #25

    jinnantonnixx's Avatar
    Join Date
    Mar 2011
    Location
    In the Calamatorium.
    Posts
    1,991
    Thank Post
    114
    Thanked 507 Times in 342 Posts
    Blog Entries
    2
    Rep Power
    286
    Quote Originally Posted by GREED View Post
    I am just forseeing how many triggers could be... err.. triggered given the right situation and could bring they system to a halt. Unlikely, but is likely to be a consideration.
    Yeah..... probably best to test it first.

    I'd suggest conduct log and attendance tables as good candidates.


    I found this: http://msdn.microsoft.com/en-us/maga...164047.aspx#S4
    which says as long as you don't do anything silly, and keep to row-sets, not cursors (a simple INSERT will be fine), trigger performance is OK.
    Last edited by jinnantonnixx; 27th February 2012 at 02:28 PM.

  11. #26

    GREED's Avatar
    Join Date
    Mar 2008
    Location
    Portsmouth
    Posts
    3,072
    Thank Post
    377
    Thanked 380 Times in 309 Posts
    Blog Entries
    8
    Rep Power
    178
    Quote Originally Posted by jinnantonnixx View Post
    Yeah..... probably best to test it first.

    I'd suggest conduct log and attendance tables as good candidates.


    I found this: Data Points: Exploring SQL Server Triggers
    which says as long as you don't do anything silly, and keep to row-sets, not cursors (a simple INSERT will be fine), trigger performance is OK.
    The royal you, I'm not going to mess with SIMS back end (again!)

  12. #27

    jinnantonnixx's Avatar
    Join Date
    Mar 2011
    Location
    In the Calamatorium.
    Posts
    1,991
    Thank Post
    114
    Thanked 507 Times in 342 Posts
    Blog Entries
    2
    Rep Power
    286
    Quote Originally Posted by GREED View Post
    The royal you, I'm not going to mess with SIMS back end (again!)
    I wouldn't think SIMS would be too happy if it all went Judge Jules* after you got trigger-happy. Bit of a smoking gun, if you'll excuse the weaponish pun.

    *Worse than Pete Tong.

  13. #28

    GREED's Avatar
    Join Date
    Mar 2008
    Location
    Portsmouth
    Posts
    3,072
    Thank Post
    377
    Thanked 380 Times in 309 Posts
    Blog Entries
    8
    Rep Power
    178
    Quote Originally Posted by jinnantonnixx View Post
    I wouldn't think SIMS would be too happy if it all went Judge Jules* after you got trigger-happy. Bit of a smoking gun, if you'll excuse the weaponish pun.

    *Worse than Pete Tong.
    I love that, scales of going wrong based on Radio DJs...

  14. #29

    jinnantonnixx's Avatar
    Join Date
    Mar 2011
    Location
    In the Calamatorium.
    Posts
    1,991
    Thank Post
    114
    Thanked 507 Times in 342 Posts
    Blog Entries
    2
    Rep Power
    286
    Quote Originally Posted by GREED View Post
    I love that, scales of going wrong based on Radio DJs...
    Indeed, been using the RDJSOC (Radio DJ Scale Of Catastrophe - pronounced R DJ SOCK) for quite a while now.
    When things go Tony Blackburn, you've got real problems....

SHARE:
+ Post New Thread
Page 2 of 2 FirstFirst 12

Similar Threads

  1. [SIMS] SIMS.Net Active Directory Integration
    By robknowles in forum MIS Systems
    Replies: 29
    Last Post: 4th October 2011, 02:54 PM
  2. [SIMS] Sims Analysis - Change request to vote on please
    By BatchFile in forum MIS Systems
    Replies: 7
    Last Post: 29th July 2010, 02:20 PM
  3. Replies: 2
    Last Post: 12th June 2010, 06:37 AM
  4. If your board Vote for my SIMS Change Requests
    By Stuart_C in forum MIS Systems
    Replies: 1
    Last Post: 15th September 2009, 10:42 AM
  5. SIMS change requests - Vote please!
    By park_bench in forum MIS Systems
    Replies: 4
    Last Post: 30th October 2008, 11:58 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •