An audit trail (also called audit log) is a security-relevant chronological set of records that provide documentary evidence of the sequence of activities that have affected at any time a specific operation, procedure or event. In PMA.core audit trailing is implemented as part of 21 CFR.11
A background article on audit trailing can be found on our blog.
PMA.core implements audit trailing as a middleware between the application and the connection to the SQL server database. This middleware captures all requests from the application to the database and, depending on the operation, creates records on a sub-schema of the database with all the required information to recreate them.
The sub-schema of the audit trail database can be seen in the table diagram bellow
The EntityModificationEvents table in detail contains the following columns
The EntityModificationDetails is connected to the EntityModificationEvents and contains the following columns:
The easiest way to consult the audit trail is via PMA.core's pre-defined audit trail views for the main entities of Root Directories and Users:
For more advanced use cases you can execute SQL Queries in the sub-schema of PMA.core database which was described in the previous paragraph.
Keeping an Audit trail of all changes happening in a live production PMA.core server can be quite space consuming. You can always check all storage requirements of PMA.core in the Diagnostics -> Installation Checks -> Storage Checks page In that page you can check the total size of SQL database including the audit trail but also check other storages used such as the tile cache directory and the cloud cache
If the usage of Audit trail storage is getting large you can always backup the tables EntityModificationEvents and the EntityModificationEvents and safely delete all rows from these tables.