Fortinet FortiDB manual Abnormal or Unauthorized Changes to Data Report AUC, AUC Report Sample

Page 47

 

 

SOX Report Specifics

Abnormal or Unauthorized Changes to Data Report (AUC)

Abnormal or Unauthorized Changes to Data Report (AUC)

AUC Report Sample

COBIT Objectives and Setup Requirements

Objective

 

FortiDB MA Module

Number(s)

Objective Description

Setup Requirement

 

 

 

AI2.3

Unauthorized changes to data by non-application1

UBM: Object policies,

 

accounts are tracked and reviewed by IT

since this will focus on

 

Management on a quarterly basis.

data changes in specific

 

 

tables containing financial

 

 

information.

 

 

 

1.Non-application accounts have User IDs that belong to individual users. Application accounts have User IDs as well but they are not typically associated with individual users.

Report Body Columns

The following columns are displayed in the report body:

Column

Description

 

 

User ID

The ID of the database user that conducted the flagged activity.

 

 

Object

The name and owner of the database object that was directly manipulated by

 

the flagged activity

 

 

Time Stamp

The exact time the flagged activity was conducted.

 

 

Terminal Name

The terminal IP address or name.

 

 

Origin Application

The name, or other identifier, for the originating application, if the activity

 

originated from an external application or from an application server.

 

 

Action Type

The type of action successfully enacted by the User ID.

 

 

 

Note: By default, all actions are considered unauthorized. If you want, for

 

example, to only mark UPDATEs as unauthorized actions, use an Action Type

 

filter in the Settings dialog in order to filter out the other action types You can also

 

distinguish (un)authorized users by defining a User ID filter in the Settings dialog.

FortiDB Version 3.2 Utilities

User Guide

15-32000-81369-20081219

45

Page 46 Page 48
Image 47
Page 46 Page 48
Contents Utilities User Guide Trademarks FortiDB Utilities User GuideTable of Contents Index FortiDB MA Utilities Selecting Addresses for Auto-Discovery Auto DiscoveryResults from Auto-Discovery Selecting Non-Standard Ports for Auto-DiscoveryDiscovered Database Information Populating Connection Form MS-SQLMS-SQL Connection Summary Button Connection Summary Output Connection SummaryRule Chaining Rule Chaining Setting ScreenRule Chaining Chaining with Parameterized User-Defined Rules General Pudr Steps Parameterized User-Defined Rule Flow DiagramValidating the Pudr before Saving Disabled Parameter CheckboxesExample of Chaining to a PL/SQL-based Pudr Item Setting for Session PolicyPolicy Settings for Suspicious Login Time Immediate Resulting Killed Session Table Columns That Could Appear in AlertsChained-Rule Alerts UBM Session Policy and Pudr DB Example Multiple Source-Rule-Violation BehaviorRule Chaining Alert Report Manager Setting a Report ScheduleSetting a Timer-based Schedule Deleting a Timer Schedule Deleting a Previously Set Timer ScheduleSetting a Calendar-based Schedule Setting a Timer-Based ScheduleSetting a Randomized Interval Setting a Combined ScheduleSetting a Randomized Interval Setting a Calendar-Based ScheduleARM Reporting by Time ARM Reporting by Time Calendar Pop-up Reporting by TimeEnabling Email Recipients Specifying Report ParametersNew Reports Menu New Report Setting Screen topNew Report Setting Screen bottom Using the Select Checkbox to Affect Multiple Reports Saved and Enabled ReportView Reports Dropdown List on Current Reports Screen Activating ARMRunning and Analyzing Reports Status Menu Status DialogSummary-Action Output Types Current Report ConfigurationReport Summary Action Choosing Summary Report ActionReport Size Archiving Reports Report Detailed ActionLimitation Custom Reports Using This FeatureCustom Reports SchedulingTime-only Schedule Settings Daily Schedule Settings Customer and Company Information Weekly Schedule SettingsMonthly Schedule Settings Custom Reports Main Report and Template Generation and ManagementCompany Information Dialog Adding a Report Adding ReportsModifying Reports Deleting a Report Deleting ReportsModifying a Report Modifying Report Templates Templates Manager Modifying a Template Generating ReportsReport Result Generated Html Report Example Report History Report HistoryProperty Purpose Possible Values Default Licensing and AdministrationUser Administration for Custom Reports and SOX Reports Reports radio button on the User Administration screenLimitations Property Purpose Possible Values Default1SOX Reports within Custom Reports Manager SOX Compliance ReportsReport Name Acronym General Setup InstructionsReports and Acronyms Common Report Header FieldsHPC Report Sample Cobit Objectives and Setup RequirementsHistory of Privilege Changes Report HPC Report Body ColumnsAUC Report Sample Abnormal or Unauthorized Changes to Data Report AUCAUS Report Sample Abnormal Use of Service Accounts Report AUSATD Report Sample Abnormal Termination of Database Activity Report ATDEPA Report Sample End of Period Adjustments Report EPASettings Dialog for the EPA Report Assumptions CaseVAS Report Sample Verification of Audit Settings Report VASReport Size Licensing and AdministrationArchiving Reports Verification of Audit Settings Report VAS Index
Top Page Image Contents