06-30-2014 11:12 PM
Good day everyone.
I'm currently using the SAS VA 6.4. I want to ask is there any audit trail feature available in Visual Analytics to allow user to trace:-
Thank in advance.
07-01-2014 01:30 AM
There is something called APM audit performance measurement with SAS. APM is based on arm log4j logfiles activated ar the metadata config files.
The eventmanager 9.4 is using a lot of that.
Do not expect that is a ready complete solution the auditing reports requirements is business specific and has relationships with cia confidentiality integrity availability ratings and rbac role based access control. Those processes are part of standard of good practice not being covered by best practices.
07-01-2014 09:34 AM
As Jaap pointed out you may want to look at the Audit Performance Measurement package that is a free download at http://support.sas.com/rnd/emi/APM94/index.html Also Dan Lucas and Brendan Kirk wrote a great SAS Global Forum 2014 paper on auditing a SAS Visual Analytics environment using APM data. I'm not sure if the data collected provides exactly what you need however the sample code and reports in the paper may point you in the right direction. http://support.sas.com/resources/papers/proceedings14/SAS167-2014.pdf
07-02-2014 10:51 AM
SAS is currently developing out-of-the-box usage and audit reports for Visual Analytics. The plan is to deliver these reports in the next release of Visual Analytics, though it is not certain at the time of this reply. Until the usage and audit reports are available, the link Michelle shared is a good source of information for configuring and using APM for some usage data collection and reporting.
the usage and audit reports we are working, will cover details like which tables are accessed, a report created / deleted /modified, by which user, which application (VAE, VAD, Mobile), on what date and time, etc....
This is a work in progress and we will share the complete details when the functionality is finalized.
12-13-2014 07:02 AM
07-09-2014 07:26 AM
Murali, your reply is not very detailed and maybe missing the point of the question.
All this kind are caused by common guidelines becoming mandatory. See: IT risk - Wikipedia, the free encyclopedia . It is not about simple standard questions and reports, they can be variable as the ultimate detailed question can be seen as eg SIEM Security information and event management - Wikipedia, the free encyclopedia. That is about: data aggreagation, correlation, alerting, dashbords, (forensic) analytics. Would be something nice for SAS, uhhh SAS institute is missing this.
What is SAS missing:
- the generating the required log-files containing the required information (data generation).
- Some parts should be done at OS level or at the other components. There is nothing refered to.
- the analytics parts could be done with SAS but the market is promoting and standardizing on other tools.
This is a good first step http://support.sas.com/resources/papers/proceedings14/1247-2014.pdf but the vision of SAS institute is not present.
I remember the old days using CA IDMS (a company you probably know with a NOSQL DBMS). It could deliver a lot of standard reports using Culpritt (reporting tool Cullinane) on own generated data.
These standard reports are not sufficient and not applicable when needing pin-point analyses. So in those days went for SAS as a better analytics tool. The History repeats it self, but could change the names.
Without those common requirements (it risk) taking into the vision the result can be something that was asked for but is not needed.