I'm looking for a little user information regarding how traceable access is within PeopleSoft, particularly concerning how much information can be obtained from PeopleSoft to monitor access to personal data. i.e. is it possible to review any sort of access logs that record what PC has accessed an individuals personal records and how detailed can this information be, for example would it only tell you that a persons record has been accessed or would it also trace what specific data has been accessed, i.e. dependants, remuneration, emergency contacts etc.
I'm trying to get a feel for how easy / reliable it is to gain information that could aid an investigation into potential security breaches.
Many thanks for any help you can provide.
There's a handy table called PSACCESSLOG which records the login IP address, login and logout time of a particular operator ID. If you need to trace down what a user "did" during a PeopleSoft session, then your application server log files (e.g. APPSRV_1234.log) are a good to place to log. This is all delivered and a good place to start. It won't tell you everything though. If you have specific scenarios that you want to capture, you'll need to write your own auditing. E.g log whenever a person views a specific page.
You might want to take a look at implementing trigger based auditing for changes to user profiles & security as this is lacking in PeopleTools:
http://www.peoplesoftwiki.com/auditing-user-profiles (this is for Oracle).
application server log tells you which operator accessed which part of the application for example: for example PSAPPSRV.1980 [08/23/04 12:41:25 PS@GO-FASTER-3 (IE 6.0; WINNT) ICPanel](4)
Executing component JOB_DATA/GBL in menu ADMINISTER_WORKFORCE_(GBL) in which PS is user and GO-FASTER-3 is system. If you want track changes you can use audit tables. But to solve your problem you can add log file in the Rowinit Poeplecode and save values in it. I never tested it but you can check out adding the users at database level.