1 / 18

A.L.F.

A.L.F. Advanced Logging Functionality. ME DOC Business Need. Inmate data is considered confidential. When misuse (intentional or otherwise) of inmate data is suspected, DOC needs to be able to easily/quickly collect evidence that misuse has occurred.

spadgett
Download Presentation

A.L.F.

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A.L.F. Advanced Logging Functionality

  2. ME DOC Business Need • Inmate data is considered confidential. • When misuse (intentional or otherwise) of inmate data is suspected, DOC needs to be able to easily/quickly collect evidence that misuse has occurred. • Data that IIS collects is incomplete at best and difficult to mine useful data from. • ME DOC requested that a unique identifier also be put on hard copy reports.

  3. Born from Click Trails… • Previous implementation of a similar tool on a different project (with a different need), satisfies ME DOC business need and brings additional capability to the table by:

  4. Capturing… • Page Requested • Web Server Timestamp • Client ID • Staff ID • IP Address • Browser Info • Page Parameters • Runtime Error(s) • Execution Duration

  5. Writes to… • A set of either ODD or EVEN tables • ODD or EVEN determined by the day number of the year: • February 1 = 32 • April 9 = 99 (non leap year) • September 3 = 246 (non leap year) • Optimized for inserts • No roundtrips for data • Keys based in Globally Unique Identifier (GUID) • 90CB7B79-D485-4BF3-ACD3-95199BE4C60C

  6. Exclusions • IP Address • 127.0.0.1 • Page • Clientbinaries.aspx - Omit • Parameter • txtPassword - Mask • Cached in Web Application Memory • Refresh with mainweb/common/csys_resetcache.aspx

  7. Exceptions (Bonus Functionality!) • All runtime errors are captured including the stack trace • Transparent to user • Shows errors even when not reported by the user

  8. CORIS Report Auditing • Added page request Guid to • Face Sheet Report • Running Report • Can be added to any report

  9. Daily Archive • Moves data from loose tables to tables with foreign keys • Truncates daily tables (ODD or EVEN) • Means reporting and analysis is delayed by a day • Unless… sproc can force data to archive tables for today

  10. “Out of the Box” Reports (SRS) • Session Trace • Page Requests by User For Date Range • Users for Client for Date Range • Exceptions for Date Range • Session Trace by Page Request

  11. Session Trace • Complete session trace • Could be pages and pages • Expandable to show parameters for each page request • Primary audit tool

  12. Page Requests by User for Date Range • Shows users active during the range • May include time in parameters • Useful for beginning a trace on a user • Useful for seeing who was making page requests during the time

  13. Users for Client for Date Range • Parameters: MDOC, Start, End • Shows the users who had some interaction with a particular client ID • Jump to complete Session Trace for more thorough analysis

  14. Exceptions for Date Range • Shows runtime errors for date range • Useful for finding out what a user was doing when he or she encountered the error • More of a diagnostic tool • Match the Page Request in the expanded runtime error page

  15. Session Trace By Page Request • Jumped from Exception Report • Useful for tracing a GUID on a printed report • Shows last 30 requests prior to the exception • Identical to complete Session Trace but limited to a specific number of items

  16. What ALF doesn’t do • Offline Notes – no tracing • Does not prevent the user from redacting the info on a report • But can still find who ran the report within a date range with what parameters • CORRAL Reporting

  17. Future Possible Uses • Analysis of Page Requests • Traffic analysis – patterns of usage • Casual users from heavy users • Identify terms of use violations

  18. Benefits to xwave • Implement for other states • NH – easily adopted w/minor changes for SQL 2000 and SSRS 2000 • VA – would need further analysis with changes to table structure likely. • Gain much better understanding of user experience. • Exception reporting, trend analysis, application performance tool.

More Related