TBAUDIT

If you have licensed the tablesONLINE/CICS interface for tableBASE, a sample special exit program TBAUDIT is included with the product. TBAUDIT is customer submitted program that is now supported by Data Kinetics Ltd.

TBAUDIT captures all changes (before and after images) made to any and all Data Tables or the associated Alternate Indexes over time. It also captures the date, time and the User Id of the user making the change. In addition, if the user decides to cancel the updating process the corresponding entries in the AUDIT table(s) are also cancelled. Please note that Version 6 of tablesONLINE/CICS supports simultaneous updates from multiple users, the TBAUDIT exit however has not been upgraded to support this new feature.

To install this exit you will need the following components from TBDIST.SRC:

  1. the source program TBAUDIT in TBDIST.SRC.
  2. the EXITWS and EXITPARM copybooks in TBDIST.SRC.

Please compile the program as delivered and define the appropriate Program Properties in the PPT table of CICS before attempting to incorporate the additions discussed below.

Once the EXIT is present in the CICS region, all of the xxxxMSGS tables need to be updated for the proper functioning of the exit, an audit control table, TBAUDCTL, has been defined and an audit table will need to be set up for every Data Table requiring auditing. We have included table EXAMAUD as the audit table and the EXAMPLE table as the table to be audited to serve as a sample for demonstration purposes. The EXAMPLE, EXAMAUDT and TBAUDCTL tables as well as their corresponding Views have been included in the sample MAINLIB shipped with tableBASE.

By activating the TBAUDIT exit in a View, the View for any table controls the auditing process. This is accomplished via Option 2 on the Define Tables menu of tablesONLINE. Please see the program source of TBAUDIT for setting the required values.

  1. the xxxxMSGS tables each require a row to be added to represent a message with a key TBA1000 and an error severity of E. This message appears when there is no valid entry in the TBAUDCTL table. The user will not be able to process (edit) this table if the audit function cannot be performed.
  2. the audit control table TBAUDCTL is used to specify both the audit table name for any given Data Table and the passwords for the audit table. This table serves a further function as a process control table for all the Data Tables undergoing audit while being edited. The exit loads this table into the tableSPACE region, renames it to TBSYSAUD and inserts the TBLBASE command area for each table being audited. The rename is very important so that several regions can share this table. The TBAUDCTL table must be password protected as it contains the passwords of all the audit tables. In the delivered exit, the password for this table is READIT. The layout of the TBAUDCTL table can be seen by browsing the View table.
Once you have tested the exit as delivered, you may wish to consider the following two enhancements:

  1. The creation of a more secure audit control mechanism.

    In the exit the audit control table is renamed as TBSYSAUD and is then used to contain the TBLBASE command area each audit table. However, because the table contains the passwords for the audit table, the passwords can be seen by a sophisticated user who can scan the TSR using CICS utilities or TBDRIVC.

    Our recommendation is to define the TBAUDCTL table as having only two fields: the Data Table name and the AUDIT table name. (i.e., do not keep the passwords in TBAUDCTL.)

    After the change name command (CN), the table is expanded to contain the command area and continues to be used as before. TBAUDIT should be changed to generate the MASTER password which is then used to open the AUDIT table.

  2. The use of a Journal to keep the audit records.

    TBAUDIT can be changed so that the audit information is written to a CICS journal. If this approach is adopted, it will still be necessary to use an audit table. Under this situation, the audit table would be a temporary table that could be assigned the Session Id as part of its name. This insures uniqueness and works well if a user has multiple windows open. Because the user has the option of canceling table updates, the contents of the temporary AUDIT table would only get copied to the CICS journal after a successful store (ST) operation of the Data Table.

Note:
Using a CICS journal may impact performance, depending on how many stores (ST) of audited tables are done and how fast CICS executes the journal write.