ATD Report Sample | Fortinet FortiDB guide


SOX Report Specifics	Abnormal Termination of Database Activity Report (ATD)

Abnormal Termination of Database Activity Report (ATD)

ATD Report Sample

COBIT Objectives and Setup Requirements

Objective		FortiDB MA Module
Number(s)	Objective Description	Setup Requirement

DS10.1	Routine transactions and processes between the	PM: using the Audit data
	application and the database are reviewed on a	retrieval method
	daily basis for successful completion by IT	MM: using the Audit data
	Management.	MM: using the Audit data
	Management.	retrieval method
		retrieval method
		UBM object policies or
		user policies, and the
		failed logins policy
		within the session
		policy(to capture failed
		logins)

Report Body Columns

	The following columns are displayed in the report body:

Column	Description

User ID	The ID of the database user that conducted the flagged activity.

Object	The name and owner of the database object that was directly manipulated by
	the flagged activity

Time Stamp	The exact time the flagged activity was conducted.

Terminal Name	The terminal IP address or name.

Origin Application	The name, or other identifier, for the originating application, if the activity
	originated from an external application or from an application server.

Action Type	The action that was attempted, butt failed to fully process or transact. The
	action might be, for example, an INSERT, UPDATE, DELETE, logon, or logoff.

FortiDB Version 3.2 Utilities	User Guide
15-32000-81369-20081219	47

Image 49

Fortinet FortiDB manual Abnormal Termination of Database Activity Report ATD, ATD Report Sample

Contents

Utilities User Guide Trademarks FortiDB Utilities User Guide Table of Contents Index FortiDB MA Utilities Selecting Addresses for Auto-Discovery Auto Discovery Results from Auto-Discovery Selecting Non-Standard Ports for Auto-Discovery Discovered Database Information Populating Connection Form MS-SQL MS-SQL Connection Summary Button Connection Summary Output Connection Summary Rule Chaining Rule Chaining Setting Screen Rule Chaining Chaining with Parameterized User-Defined Rules General Pudr Steps Parameterized User-Defined Rule Flow Diagram Validating the Pudr before Saving Disabled Parameter Checkboxes Example of Chaining to a PL/SQL-based Pudr Item Setting for Session Policy Policy Settings for Suspicious Login Time Immediate Chained-Rule Alerts UBM Session Policy and Pudr Table Columns That Could Appear in AlertsResulting Killed Session DB Example Multiple Source-Rule-Violation Behavior Rule Chaining Setting a Timer-based Schedule Setting a Report ScheduleAlert Report Manager Setting a Calendar-based Schedule Deleting a Previously Set Timer ScheduleSetting a Timer-Based Schedule Deleting a Timer Schedule Setting a Randomized Interval Setting a Combined ScheduleSetting a Calendar-Based Schedule Setting a Randomized Interval Enabling Email Recipients Reporting by TimeSpecifying Report Parameters ARM Reporting by Time ARM Reporting by Time Calendar Pop-up New Reports Menu New Report Setting Screen top New Report Setting Screen bottom Using the Select Checkbox to Affect Multiple Reports Saved and Enabled Report Running and Analyzing Reports Activating ARMStatus Menu Status Dialog View Reports Dropdown List on Current Reports Screen Report Summary Action Current Report ConfigurationChoosing Summary Report Action Summary-Action Output Types Limitation Report Detailed ActionReport Size Archiving Reports Custom Reports Using This FeatureScheduling Custom Reports Time-only Schedule Settings Daily Schedule Settings Monthly Schedule Settings Weekly Schedule SettingsCustomer and Company Information Company Information Dialog Report and Template Generation and ManagementCustom Reports Main Modifying Reports Adding ReportsAdding a Report Modifying a Report Deleting ReportsDeleting a Report Modifying Report Templates Report Result Generating ReportsTemplates Manager Modifying a Template Generated Html Report Example Report History Report History User Administration for Custom Reports and SOX Reports Licensing and AdministrationReports radio button on the User Administration screen Property Purpose Possible Values Default Limitations Property Purpose Possible Values Default1 SOX Reports within Custom Reports Manager SOX Compliance Reports Reports and Acronyms General Setup InstructionsCommon Report Header Fields Report Name Acronym History of Privilege Changes Report HPC Cobit Objectives and Setup RequirementsReport Body Columns HPC Report Sample AUC Report Sample Abnormal or Unauthorized Changes to Data Report AUC AUS Report Sample Abnormal Use of Service Accounts Report AUS ATD Report Sample Abnormal Termination of Database Activity Report ATD Settings Dialog for the EPA Report End of Period Adjustments Report EPAEPA Report Sample Assumptions Case VAS Report Sample Verification of Audit Settings Report VAS Archiving Reports Licensing and AdministrationReport Size Verification of Audit Settings Report VAS Index