Audit Log for Analytics > Administration > Manage Privileges

Aarvi-Oracle · Jun 20, 2024 10:24AM

Audit logs required for Oracle Analytics Server > Administration > Manage privileges

Gianni Ceresa · Jun 20, 2024 12:40PM

Because the privileges are stored in the catalog, if the fields of "modified_by_name" and "modified_by_type" would behave like everything else in the catalog, the job would be done already and could be tracked with database auditing.

But apparently for the privileges these attributes of the catalog objects stay null all the time (while "modified_time" is correct).

Aarvi-Oracle · Jun 21, 2024 4:10AM

Can you please provide the schema and table name where we can find the details in Database

Gianni Ceresa · Jun 21, 2024 8:41AM

It's the main catalog table css_si_files in the biplatform schema. But as said, the privileges are missing that info on the modification.

Adam Bloom-Oracle · Jul 10, 2024 3:58PM

We do not have event-based audit for these privileges but you can run periodic reports to list who has these privileges. Please review the OAS docs for using runcat to report classic privileges:

https://docs.oracle.com/en/middleware/bi/analytics-server/security-oas/use-runcat-manage-security-tasks-presentation-catalog.html

Alternatively you can use the SOAP API getGlobalPrivileges: https://docs.oracle.com/middleware/12213/biee/BIEIT/methods.htm#i1009858

Creating queries against the BIPlatform schema to reverse engineer a solution is not a supported approach so at your own risk.

Adam Bloom-Oracle · Jul 10, 2024 4:00PM

I've marked this Idea as 'current capability' although I accept there is no event-based audit.

Oracle Analytics Idea Lab

Categories

Audit Log for Analytics > Administration > Manage Privileges

Delivered · Last Updated Jul 15, 2024 6:02PM

Comments