0% found this document useful (0 votes)

29 views

Audit Manager

Uploaded by

Amol Kolhe

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

29 views

Audit Manager

Uploaded by

Amol Kolhe

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 108

SIEMENS

Teamcenter 11.2

Audit Manager
PLM00022 • 11.2.3
Contents

Part I: Audit Manager

Getting started . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1

Before you begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1

Audit Manager interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1
Basic concepts for using audit functionality . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2
Audit objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-3

Configuring Audit Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1

Enable Audit Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1

Postupgrade steps required for importing custom event types into a template project . . . . . . . . 2-1
Configuring Audit Manager business object constants . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2
Configuring access controls for audit logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4
Configuring access rule for deleted objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-6
Configuring audit log archiving . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-6
Configure the display of audit logs in the summary view . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-6
Tracking object properties in legacy audit logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-6
Creating custom log handlers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-7
Creating custom log extensions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-7
Custom log extension example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-8

Defining audit logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1

Audit log overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1

Create an audit definition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1
Create an event type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-4
Create an event type mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-5
Recommendations for managing audit logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-7

Archiving and purging audit logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1

Viewing audit information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1

Accessing audit information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1

View audit logs in the Summary view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1
View legacy audit data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3
Audit reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3
Creating and running audit queries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-4
Export audit logs from the Summary view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-5
Export audit logs to Microsoft Excel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-5
Export and import audit logs associated with items . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-6
Best practices for managing audit logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-7

PLM00022 11.2.3 Audit Manager 3

Contents
Contents

Migrating audit data from legacy Audit Manager to new Audit Manager . . . . . . . . . . . . . . 6-1

Migrating audit configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-1

Migrating audit data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-1

Part II: Legacy Audit Manager

Getting started with legacy Audit Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1

Legacy Audit Manager overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1

Before you begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1
Legacy Audit Manager interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2
What are perspectives and views? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2
Basic concepts for using Audit Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-3
Legacy audit functionality . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-3
Legacy Audit definition object . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-3
Viewing legacy audit information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-3
Basic tasks using legacy Audit Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-4

Configuring legacy Audit Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-1

Enable legacy audit viewing . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-1

Set preferences for legacy Audit Manager . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-1
Choosing storage media for legacy audit logs . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-1
Create storage media for archiving . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2
Set access controls for legacy Audit Manager . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2
Tracking object properties in legacy audit logs . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-3
Configure legacy audit log searching . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-3
Create custom audit reports . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-4
Create custom log handlers . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-4
Overview to create custom log handlers . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-4
Define an action handler for legacy Audit Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-4
Create an event type . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-5
Create an event type mapping . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-6

Using legacy Audit Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-1

Create an audit definition object . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-1

Modify an audit definition object . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2
Delete audit definition object . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2
Combine audit files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2
Archive legacy audit logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2

Viewing legacy audit information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-1

Accessing legacy audit information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-1

Generate report builder legacy audit reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-1
View legacy audit log information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-1
View audit information for deleted objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-4
Export legacy audit information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-4
Best practices for searching legacy audit information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-5

4 Audit Manager PLM00022 11.2.3

Contents

Part III: Legacy workflow and reservation auditing

Configuring legacy workflow and reservation auditing . . . . . . . . . . . . . . . . . . . . . . . . . 11-1

View legacy audit and signoff history in HTML format . . . . . . . . . . . . . . . . . . . . . . . . . . 12-1

View legacy audit files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-1

Part IV: Appendixes

Audit log extensions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-1

Audit Manager preferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-1

Part V: Legacy Audit Manager appendixes

Command line utilities for configuring legacy Audit Manager . . . . . . . . . . . . . . . . . . . . . C-1

ITK functions for configuring legacy Audit Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . D-1

Viewing legacy audit logs for changes to structures . . . . . . . . . . . . . . . . . . . . . . . . . . . . E-1

Tracking changes to NX part history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . E-2

Legacy Audit Manager events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . F-1

PLM00022 11.2.3 Audit Manager 5

Part I: Audit Manager

Beginning with Teamcenter 10.1, a new Audit Manager application is available.

The details of the new and old Audit Manager applications are as follows:

Auditing Description
application
• Audit logs are stored in the database. Audit logs are grouped together
depending on the type, such as general logs, workflow logs, structure logs,
file access logs, and schedule logs.
• You can create audit configuration objects such as audit definition objects,
events, and event type mappings using Business Modeler IDE.

Note
To obtain a list of objects for which audit events are posted, use
the Event Type Mapping editor.

• View audit logs using the Summary view of the supported Teamcenter
Audit Manager applications.
• Enable Audit Manager by setting preferences:
o HiddenPerspectives
If Audit Manager does not appear in the rich client, remove the
AuditManager value.

o TC_audit_manager
Ensure the preference is set to ON.

o TC_audit_manager_version
Ensure the preference is set to 3.

PLM00022 11.2.3 Audit Manager

Auditing Description
application
• You can configure audit logs to be stored in files or in the database.
• You can use the rich client-based Audit Manager application for configuring
audit definitions.
• You can create events and event type mappings using Business Modeler
IDE.
• You can query the audit logs, using the Audit Logs dialog box.
• Enable Legacy Audit Manager by setting preferences:
o HiddenPerspectives
If Audit Manager does not appear in the rich client, remove the
AuditManager value.
Legacy Audit
Manager o TC_audit_manager
Ensure the preference is set to ON.

o TC_audit_manager_version
Ensure the preference is set to 2.

Note
The legacy Audit Manager application is deprecated and will be
removed in a future version.

• Shows workflow, signoff, and the complete checkout history logs.

• The audit logs are stored in files.

Legacy workflow
Note
and reservation
auditing From Teamcenter 10.1 onwards, this application is no longer available.
You can view the audit data generated with this audit application in
the new Audit Manager.

The upgrade path to the new Audit Manager is as follows:

Legacy Audit Manager status Upgrade path

prior to Teamcenter 10.1
The legacy workflow Teamcenter upgrades Audit Manager to the new version.
and reservation auditing
functionality is turned on. The The legacy workflow and reservation auditing functionality
TC_audit_manager preference is is no longer available. However, you can migrate legacy
set to OFF. workflow audit history and reservation audit history files using
the -legacy argument in the migrate_audit_data utility.

Audit Manager PLM00022 11.2.3

Legacy Audit Manager status Upgrade path
prior to Teamcenter 10.1

The previous audit logs associated with workflow, signoff, and

the complete checkout history are available for viewing in the
new Audit Manager.
Audit Manager is turned on. The Teamcenter does not upgrade Audit Manager to the new
TC_audit_manager preference is version. You must manually migrate your audit information to
set to ON. the new version.

PLM00022 11.2.3 Audit Manager

Chapter 1: Getting started

Before you begin

Prerequisites You need Teamcenter administrator privileges to use the Audit Manager
application.
You need Microsoft Excel to export audit logs to Excel.

Note
Before working with Microsoft Office datasets, verify that your
computer has the required software installed.

Enable Audit • HiddenPerspectives

Manager
If Audit Manager does not appear in the rich client, remove the
AuditManager value.

• TC_audit_manager
Ensure the preference is set to ON.

• TC_audit_manager_version
Ensure the preference is set to 3.
Configure Audit There are additional steps you must perform to configure Audit Manager
Manager before you can use it.

Audit Manager interface

Audit Manager uses the following Teamcenter applications:
• Business Modeler IDE for creating audit definitions, events, and event mappings.

• The Summary view of the following Teamcenter applications shows audit logs in the Audit
logs tab.
o My Teamcenter

o ADA License

o Structure Manager

o Multi-Structure Manager

PLM00022 11.2.3 Audit Manager 1-1

Chapter
Chapter 1: 1: Getting
Getting started
started

o Manufacturing Process Planner

o Schedule Manager

o Workflow Viewer

o Organization

• You can run predefined audit reports or create new reports, using the Report Builder application.

• You can create queries of audit logs, using the Query Builder application. You can run these
queries, using the Teamcenter search functionality.

• You can run predefined audit queries, using the Teamcenter advanced search functionality.

Basic concepts for using audit functionality

System administrators use Audit Manager to create audit logs. Audit logs track what information has
changed and who has changed the information.
To use audit functionality, you must first define audit logs by creating audit definition objects. You
can then view audit logs, using Teamcenter applications such as My Teamcenter, ADA License,

1-2 Audit Manager PLM00022 11.2.3

Getting started

Structure Manager, Multi-Structure Manager, Manufacturing Process Planner, Schedule Manager,

Workflow Viewer, and Organization.

Defining audit logs

Audit logs are created based on the information specified in the audit definition objects. These define
the information that should be captured about a particular object when an event occurs.
If you want to capture audit logs for events that are not available for logging, you can create new
events.
When you create new events, you must associate the event with an object. Subsequently, you can
create audit definition objects for that event and object type.

Viewing audit information

• The Summary view of the following Teamcenter applications shows audit logs in the Audit
logs tab.
o My Teamcenter

o ADA License

o Structure Manager

o Multi-Structure Manager

o Manufacturing Process Planner

o Schedule Manager

o Workflow Viewer

o Organization

• You can run predefined audit reports or create new reports, using the Report Builder application.

• You can create queries of audit logs, using the Query Builder application.

• You can run predefined audit queries, using the Teamcenter advanced search functionality.

Audit objects
The audit functionality in Teamcenter uses the following objects:

Audit configuration objects

• Fnd0AuditDefinition
Specifies the audit definition object. Audit definition allows you to define what information to log
for a particular object and event type combination.

• Fnd0AuditDefProperty

PLM00022 11.2.3 Audit Manager 1-3

Chapter
Chapter 1: 1: Getting
Getting started
started

Specifies the logged properties object. This object stores logged properties information.

• Fnd0DigitalSignatureAudit
Specifies digital signature audit logs.

• Fnd0EventTypeMapping
Specifies the event type mapping object. This object maps an event to an object, following which
you can create audit definitions for the mapped object and event type combination.

• ImanEventType
Specifies the event type object. This object stores events.

Audit log objects

• Fnd0WorkflowAudit
Specifies workflow audit log object. This object stores process and signoff history audit logs.

• Fnd0LicenseChangeAudit
Stores the license change audit logs.

• Fnd0LicenseExportAudit
Stores the license export audit logs.

• Fnd0FileAccessAudit
Stores file access audit logs.

• Fnd0OrganizationAudit
Stores organization audit logs.

• Fnd0StructureAudit
Stores structure audit logs.

• Fnd0ScheduleAudit
Stores schedule audit logs.

• Fnd0SecurityAudit
Stores security audit logs.

• Fnd0GeneralAudit
Stores the audit logs that are not stored in other audit logs.

• Fnd0SecondaryAudit
Stores additional information or secondary information about objects such as attachments and
attachment properties.

• Fnd0AuditLink

1-4 Audit Manager PLM00022 11.2.3

Getting started

Stores the link between primary and secondary audit logs.

PLM00022 11.2.3 Audit Manager 1-5

Chapter 2: Configuring Audit Manager

Enable Audit Manager

• Ensure that the TC_audit_manager preference is set to ON.

• Ensure that the TC_audit_manager_version preference is set to 3.

Note
After updating the preferences:
• Restart Teamcenter server pool manager if you are on a four-tier installation.

• Log off and log on to Teamcenter if you are on a two-tier installation.

Postupgrade steps required for importing custom event types into

a template project
Beginning with Teamcenter 10, Audit Manager objects are managed using the Business Modeler
IDE. As a result, you must add your custom event types to your template project after upgrading the
Business Modeler IDE template project to Teamcenter 10 or later.
To help you import these custom event types, the system identifies the custom event types definitions
during the upgrade process and writes them to a custom_audit_configurations.xml file generated
under the TC_DATA\model directory. At the end of the upgrade process, Teamcenter Environment
Manager (TEM) issues a warning if there are any custom event types.

PLM00022 11.2.3 Audit Manager 2-1

Chapter
Chapter 2: 2: Configuring
Configuring
AuditAudit Manager
Manager

Postupgrade, import these custom event type definitions into your custom template project before
deploying any changes to the upgraded database. If not, the next TEM update process or Business
Modeler IDE deployment tries to delete these event types, which may or may not pass based on
whether there are references to it in the database.
Perform the following steps in the Business Modeler IDE immediately after the successful upgrade
to Teamcenter and before deploying any data model changes:
1. Import the custom_audit_configurations.xml file from the TC_DATA\model directory into
your custom template project by choosing File→Import→Business Modeler IDE→Import
template file.

2. In the BMIDE view, right-click the project and choose Reload Data Model. Make sure there are
no model errors reported in Console view.

3. Populate the appropriate display names to the custom event types wherever necessary.

4. Package and deploy the template to the Teamcenter database.

Configuring Audit Manager business object constants

You must configure the following business object constants to work with Audit Manager.
• Fnd0ObjectIDToAudit
Specifies the property that holds the object ID for the business object type. The object ID property
differs across business object types. For example, on the Item business object type, the value for
this constant is item_id and on the ADA_License business object type, the value is id. When an
audit log is written for an instance of the business object, the property in this constant is used

2-2 Audit Manager PLM00022 11.2.3

Configuring Audit Manager

to obtain the object’s ID for the audit log (and is written to the fnd0PrimaryObjectID property
on the Fnd0GeneralAudit business object). For custom objects that have their own property
for the object ID, change this constant to the property that holds the object ID so that the ID of
the business object is captured when the audit log is written.
This constant is placed on the POM_object business object and its children. There is no default
value. Type a value in the Value box to assign an object ID.
This constant is provided by the foundation template file.

• Fnd0ObjectNameToAudit
Specifies the property that holds the object name for the business object type. The object name
property is different for different business object types. For example, on the Workspace business
object type, the value for this constant is object_name and on the User business object type,
the value is user_name. When an audit log is written for an instance of the business object, the
property in this constant is used to obtain the object name for the audit log (and is written to
the name property on the AuditLog business object). For custom objects that have their own
property for the object name, change this constant to the property that holds the object name so
that the name of the business object is captured when the audit log is written.
This constant is placed on the POM_object business object and its children. There is no default
value. Type a value in the Value box to assign an object name.
This constant is provided by the foundation template file.

• Fnd0ObjectRevIDToAudit
Specifies the property that holds the revision ID for the business object type. The revision ID
property differs across business object types. For example, on the ItemRevision business
object type, the value for this constant is item_revision_id. When an audit log is written for an
instance of the business object, the property in this constant is used to obtain the object’s revision
ID for the audit log. For custom objects that have their own property for the revision ID, change
this constant to the property that holds the ID so that the revision ID of the business object is
captured when the audit log is written.
This constant is placed on the POM_object business object and its children. There is no default
value. Type a value in the Value box to assign an object revision ID.
This constant is provided by the foundation template file.

• Fnd0AuditRecordAccessLevel
Controls how access to a workflow audit record is evaluated. This constant is placed on the
Fnd0WorkflowAudit business object. The default value is 1. Click the arrow on the Value box
to select from the following available values:
o 1
Checks workflow audit record based on the read access to the objects referred by the
fnd0Object property (primary object) and the fnd0SecondaryObject property (secondary
object). If the primary and secondary objects are deleted, only the administrator user is
provided with read access to the audit record.

o 2

PLM00022 11.2.3 Audit Manager 2-3

Chapter
Chapter 2: 2: Configuring
Configuring
AuditAudit Manager
Manager

Checks workflow audit record based on the read access to all attachments for that workflow.
Access to the primary object is not evaluated. If any of the secondary objects are deleted,
only the administrator user is provided with read access.

This constant is provided by the foundation template file.

Configuring access controls for audit logs

You can view audit logs only if you have access to the relevant object. Audit logs can contain primary
and secondary objects.

For viewing audit logs of deleted objects, Teamcenter provides access control rules that restrict
access to audit logs of deleted objects to administrators.

The following table shows the conditions under which you can view audit logs, based on the access
you provide to objects:

Primary Secondary Read access Read Show Comment

object exists object exists to primary access to audit
object secondary record
object
Yes No Yes – Yes

Deleted No – – No Display logs

only to the
administrator.
Yes Yes Yes Yes Yes
Yes Deleted Yes – No Display logs
only to the
administrator.
Deleted Yes – Yes No Display logs
only to the
administrator.
Deleted Deleted – – No Display logs
only to the
administrator.

Configuring access controls for workflow audit logs

Set access for workflow objects, using Access Manager and update the value of the
Fnd0AuditRecordAccessLevel constant as follows:

• Fnd0AuditRecordAccessLevel=1

The access check on the workflow audit records is evaluated based on the read access to the
primary and secondary objects. Only administrators can view the audit records if the primary
or secondary objects are deleted.

2-4 Audit Manager PLM00022 11.2.3

Configuring Audit Manager

Primary Secondary Read access Read Show Comment

object exists object exists to primary access to audit
object secondary record
object
Yes No Yes – Yes

Deleted No – – No Display logs

only to the
administrator.
Yes Yes Yes Yes Yes

Yes Deleted Yes – No Display logs

only to the
administrator.
Deleted Yes – Yes No Display logs
only to the
administrator.
Deleted Deleted – – No Display logs
only to the
administrator.

• Fnd0AuditRecordAccessLevel=2
The access check on the workflow audit records is evaluated based on the read access to the
current list of attachments for that workflow. Access to the primary object is not evaluated.

Primary object Read access to Show audit Comment

exists attachment record
Yes Yes Yes Teamcenter checks access
to the current list of
attachments.
Deleted Yes Yes Teamcenter checks access
to the current list of
attachments.
Yes/Deleted Yes No Show logs only to the
administrator.
At least one
attachment is deleted
without removing it
from the workflow.
Yes/Deleted Yes Yes Teamcenter checks access
to the current list of
At least one attachments.
attachment is deleted
and removed from the The attachments that
workflow are deleted and removed
from the workflow are not
evaluated.

PLM00022 11.2.3 Audit Manager 2-5

Chapter
Chapter 2: 2: Configuring
Configuring
AuditAudit Manager
Manager

Configuring access rule for deleted objects

For viewing the audit logs of deleted objects, Teamcenter provides access control rules that restrict
access to audit logs of deleted objects to administrators.
You view this access rule as follows:
InAccess Manager, under Has Class (POM_Object)
Condition = Has Class

Value = Fnd0AuditLog

ACL Name = AuditLog Access

This access rule gives administrators read privileges to audit logs of deleted objects and denies
read privileges to the others.

Note
If you are installing a new database, this rule is automatically created.
If you are upgrading an existing database, you must upgrade Access Manager rules.

Configuring audit log archiving

Update the following business object constants to configure the audit log archiving:
• Fnd0ArchiveLocation
Specifies the location of the audit logs (for example, c:\archive).

• Fnd0RetentionPeriod
Specifies the retention period of the audit log archives in days (for example, 90).

Configure the display of audit logs in the summary view

The TC_audit_number_of_logs_to_load preference configures the number of audit logs to load in
the summary view. The default number of audit logs shown in the summary view is 100.

Note
The time taken to load audit logs increases as you increase the value of this preference.
Therefore ensure that you test the summary view for the time taken to load audit logs
after updating the value of this preference.

Tracking object properties in legacy audit logs

You can track the persistent properties of objects in audit logs.

2-6 Audit Manager PLM00022 11.2.3

Configuring Audit Manager

Note
Run-time properties, compound properties, and relation properties are not tracked.

To track persistent properties, update the audit definition object as follows:

1. Check the Track Old Values? box in the audit definition object to enable the tracking of old
values of primary object properties.

2. Add the persistent properties to the audit definition object.

Creating custom log handlers

Creating custom log extensions

A log extension allows you to write additional data, those other than the data captured by audit logs.
To capture the data you require, you can create custom log extensions in addition to those provided
by Teamcenter.
You can create custom log extensions by using the Business Modeler IDE extensions mechanism.
Teamcenter provides the following log extensions:
• Fnd0CICO_auditloghandler
Logs checkin and checkout information, change ID, and the reason to audit. Applies this
information to checkin and checkout events.

• Fnd0OCC_track_position_orientation_audithandler
Logs the occurrence position and orientation changes of the components in structures.

• Fnd0PROJInfo_audithandler
Logs project names that are assigned to the project. The project names are separated using
commas.

• Fnd0USER_get_additional_log_info
Logs workflow information to audit logs. For example, for the __Assign event, this handler logs
information such as the process name, task type, user comments, and the user ID and user
name the workflow is assigned to.

• Fnd0WriteSignoffDetails
Logs the workflow signoff history.

• Fnd0WriteSecondaryProperties
Logs secondary properties.

These extension points have the following values:

PLM00022 11.2.3 Audit Manager 2-7

Chapter
Chapter 2: 2: Configuring
Configuring
AuditAudit Manager
Manager

Business object Fnd0AuditDefinition

Operation name Fnd0writeAuditLog
Extension point PostAction

Custom log extension example

In this example, a log extension named P3_CustomAuditLog is attached to the
EPMTask:_Reject:isTrue audit definition object. You can create log extensions, using Business
Modeler IDE.
1. In Business Modeler IDE, create a template project if you have not already created one.

2. Define the P3_CustomAuditLog extension.

a. Create a library named P3_custom.

b. Expand the project and the Rules→Extensions folders.

c. Right-click the Extensions folder and choose New Extension Definition.

The New Extension Definition wizard runs.

d. Perform the following in the Extension dialog box:

A. In the Name box, type P3_CustomAuditLog.

B. In the Language box, select CPlusPlus.

C. In the Library box, select P3_custom.

D. Click Add to the right of the Availability table and perform the following in the Extension
availability dialog box:
i. In the Business Object Name box, select Fnd0AuditDefinition.

ii. In the Operation Name box, select fnd0writeAuditLog.

iii. In the Extension Point box, select PostAction.

iv. Click Finish in the Extension availability dialog box

The extension appears.

3. Attach the P3_CustomAuditLog extension to the EPMTask:_Reject:isTrue audit definition

object.
a. From the Extensions view, open Audit Manager→Audit Definitions. Right-click the
EPMTask:_Reject:isTrue audit definition and choose Open.
The Audit Definition: EPMTask:_Reject:isTrue view is displayed.

b. Click Add to the right of the Audit Extensions table, and select the P3_CustomAuditLog
extension from the Find an Audit Extension dialog box.

c. To save the changes to the data model, choose BMIDE→Save Data Model.

2-8 Audit Manager PLM00022 11.2.3

Configuring Audit Manager

4. Implement the P3_CustomAuditLog extension.

a. Right-click the P3_CustomAuditLog extension and choose Generate extension code.
The extension boilerplate code is generated into a P3_CustomAuditLog.cxx C++ file and a
P3_CustomAuditLog.hxx header file. To see these files, open the project in the Navigator
view and browse to the src\server\P3_custom directory.

Note
You might need to right-click in the view and choose Refresh to see the files that
were generated.

b. Open the P3_CustomAuditLog.cxx file in a C/C++ editor and add your custom business
logic. The following is a sample file:
#include <P3_custom/P3_CustomAuditLog.hxx>
int P3_CustomAuditLog
( tag_t targetObjTag,
int /*secondaryObjectCount*/,
tag_t* /*secondaryObjectTags*/,
char** /*secondaryQualifiers*/,
tag_t /*eventType*/,
int paramCount,
char** paramNames,
char** paramValues,
int /*errorCode*/,
const char* /*errorMessage*/,
tag_t primaryAuditBOTag )
{
int ifail = ITK_ok;
//tag_t job_tag = NULLTAG;
char* signoff = NULL;
tag_t signoffTag = NULLTAG;
tag_t auditClassId = NULLTAG;
tag_t signoffClassId = NULLTAG;
char* audit_class_name = NULL;
char* signoff_class_name = NULL;
int signoffDecision = 0;
logical isProp = false;
char* propVal = 0;

if ( paramCount ==0 )
{
return ITK_ok;
}
for ( int i=0; i<paramCount; i++ )
{
if(strcmp(paramNames[i],"signoff") == 0)
{
signoff=paramValues[i];
break;
}
}
if (signoff == 0)
{
return ITK_ok;
}
ifail = POM_class_of_instance( primaryAuditBOTag, &auditClassId );
ifail = POM_name_of_class (auditClassId, &audit_class_name );
//ifail = EPM_ask_job(targetObjTag, &job_tag);
ifail = POM_string_to_tag(signoff, &signoffTag);
ifail = POM_class_of_instance( signoffTag, &signoffClassId );
ifail = POM_name_of_class (signoffClassId, &signoff_class_name );
isProp = false;
ifail = POM_attr_exists("p3_decisioncode", signoff_class_name, &isProp);
if (isProp)
{
ifail = AOM_ask_value_string ( signoffTag, "p3_decisioncode" ,&propVal);
isProp=false;
ifail = POM_attr_exists("p3_decisioncode", audit_class_name, &isProp);
if (isProp)
{
ifail = AOM_set_value_string(primaryAuditBOTag, "p3_decisioncode", propVal);
}
}

PLM00022 11.2.3 Audit Manager 2-9

Chapter
Chapter 2: 2: Configuring
Configuring
AuditAudit Manager
Manager

if (audit_class_name)
{
MEM_free(audit_class_name);
}
if (signoff_class_name)
{
MEM_free(signoff_class_name);
}
if(propVal)
{
MEM_free(propVal);
}
return ITK_ok;
}

c. Open the P3_CustomAuditLog.hxx file and update it with the header information.

5. Build the library (P3_Custom.dll file) for the P3_CustomAuditLog extension.

6. Create a new preference named TC_customization_libraries and update the

TC_customization_libraries preference with the library name libP3_custom.

7. Copy the P3_Custom.dll file to the TC_ROOT\bin directory.

2-10 Audit Manager PLM00022 11.2.3

Chapter 3: Defining audit logs

Audit log overview

Audit logs are created based on the information specified in the audit definition objects. Audit
definition objects define what information to capture about a particular object when an event occurs.
If you want to capture audit logs for events that are not available for logging, you can create new
events.
After you create new events, you must assign the event to an object.

Create an audit definition

An audit definition defines the information that needs to be captured when an event occurs to a
particular kind of object. Before creating an audit definition, you must ensure that an event mapping
has been created for the business object type and the event specified in the audit definition.
In the past, audit definitions were created in Audit Manager. Now audit definitions are created using
the Business Modeler IDE.
1. Ensure that an event mapping has been created for the business object type and the event you
want to specify in the audit definition.

2. Choose one of these methods:

• On the menu bar, choose BMIDE→New Model Element, type Audit Definition in the
Wizards box, and click Next.

• Open the Extensions\Audit Manager folders, right-click the Audit Definitions folder, and
choose New Audit Definition.

The New Audit Definition wizard runs.

PLM00022 11.2.3 Audit Manager 3-1

Chapter
Chapter 3: 3: Defining
Defining
auditaudit
logs logs

3. Click the Browse box to the right of the Primary Object box to select the type of business
object you want to audit.

4. Click the Browse box to the right of the Event Type box to select the event you want to audit for
the selected business object.

5. Click the Add button to the right of the Audit Extensions box to select the log extensions to
use in the definition.

6. In the Description box, type a description of the purpose for this audit definition.

7. Select the Is Active? check box to turn on the audit definition.

8. Select the Track Old Values? check box to enable tracking of the old values of primary object
properties.

Note
Attribute tracking is available only for primary objects and is not supported for
secondary objects.

9. Select the Audit on Property Change Only? check box to log the information specified in
this audit definition only if the property values change. This functionality is only enabled if the
Track Old Values? check box is selected.

10. Click Next to add primary object properties to the audit.

3-2 Audit Manager PLM00022 11.2.3

Defining audit logs

The Primary Object Audit Definition Properties dialog box is displayed. These properties are
on the business object for which the audit definition is being created.

a. In the Primary Audit Definition Properties dialog box, click the Add button located to
the right of the table.
The Add Audit Definition property dialog box is displayed.

b. In the Add Audit Definition property dialog box, click Browse to the right of the Property
Name box to select the primary property.

PLM00022 11.2.3 Audit Manager 3-3

Chapter
Chapter 3: 3: Defining
Defining
auditaudit
logs logs

c. To change the display name of the property in audit logs, type the new display name in
the Target Property Name box.

d. Use the Target Old Value Property Name box to change the display name of the old
property in the audit logs.

Note
The Target Old Value Property Name box and the Enable Tracking? box are
enabled if you selected the Track Old Values? check box in the Add an Audit
Definition dialog box.

e. Click the arrow in the Enable Tracking? box to select the kind of tracking:
• Track Always
Always tracks old and new values of properties even if there are no changes to the
property value.

• No
Does not track changes to properties.

• Track Different
Tracks old and new values of properties only when the property value changes.

f. Click Finish.

g. Click the Add button in the Primary Audit Definition Properties dialog box to add more
properties as needed.

h. Click Finish when you are done adding primary properties.

11. Click Finish.

12. Verify that the audit definition object can create audit logs.

Create an event type

An event is an action that occurs to an object in Teamcenter, for example, when an item is checked
out. Teamcenter records audit logs when certain events occur on certain types of objects.
You only need to create a new event type if there is not an existing event type that covers your
needs. When you create a type, its name is only a text reminder of the type of information you are
looking from in the audit. The actual event information is captured by the audit type selected when
you create the event type mapping.
In the past, the install_event_types utility was used to create new events. Now you create new
event types using the Business Modeler IDE.
1. Choose one of these methods:

3-4 Audit Manager PLM00022 11.2.3

Defining audit logs

• On the menu bar, choose BMIDE→New Model Element, type Event Type in the Wizards
box, and click Next.

• Open the Extensions\Audit Manager folders, right-click the Event Types folder, and
choose New Event Type.

The New Event Type wizard runs.

2. In the Id box, type the name of the new event.

3. In the Display Name box, type the name that you want the event to have in the user interface.

4. In the Description box, type a description of the new event so that others know what it is used for.

5. Click Finish.

6. Create an event type mapping definition to connect the event to a business object type.

Create an event type mapping

While an event is an action that occurs to an object in Teamcenter, event mapping is connecting an
event to a business object type. In other words, the event mapping declares that you want to receive
an audit log for a certain event on a certain kind of object.
An event mapping must be created for a business object type and event before you use that business
object and event type in an audit definition. Event mapping is inherited by child business object
types. For example, instances of the Part business object type inherit the mapping from the Item
business object type.
In the past, the event mapping was created using the install_event_types utility. Now event mapping
is created using the Business Modeler IDE.
1. Choose one of these methods:

PLM00022 11.2.3 Audit Manager 3-5

Chapter
Chapter 3: 3: Defining
Defining
auditaudit
logs logs

• On the menu bar, choose BMIDE→New Model Element, type Event Type Mapping in
the Wizards box, and click Next.

• Open the Extensions\Audit Manager folders, right-click the Event Types Mappings folder,
and choose New Event Type Mapping.

The New Event Type Mapping wizard runs.

2. Click the Browse box to the right of the Primary Object box to select the type of business
object you want to audit.

3. Click the Browse box to the right of the Event Type box to select the event you want to audit for
the selected business object.

4. Click the Browse box to the right of the Audit Type box to select the type of audit to use for
this mapping. The audit types are represented by business objects that are children of the
Fnd0AuditLog business object.

5. Click the Browse box to the right of the Secondary Audit Type box to select the
Fnd0SecondaryAudit business object. This Secondary Audit object stores information and
properties about the secondary objects that are related to the main object being audited.

6. Select the Subscribable? check box to specify that the event type mapping can be subscribed to.

7. Select the Auditable? check box to specify that the event type mapping can be audited.

8. In the Description box, type a description for this mapping so that others know what it is used for.

9. Click Finish.

3-6 Audit Manager PLM00022 11.2.3

Defining audit logs

Recommendations for managing audit logs

Siemens PLM Software recommends the following for managing audit logs:
• Avoid activating audit definitions you do not require.

• Do not deactivate the EPMTask-Add Attachment audit definition as some workflow queries are
dependent on the Add Attachment event.

• Frequently purge or archive old audit data.

• When migrating from legacy Audit Manager to the new Audit Manager, use the date range option
to limit the number of audit records for efficient processing.

PLM00022 11.2.3 Audit Manager 3-7

Chapter 4: Archiving and purging audit logs

Use the audit_purge utility to archive or purge audit logs.

PLM00022 11.2.3 Audit Manager 4-1

Chapter 5: Viewing audit information

Accessing audit information

You can access audit information in the following ways:
• Go to the Summary view of the following Teamcenter applications, which shows audit logs in
the Audit logs tab.
o My Teamcenter

o ADA License

o Structure Manager

o Multi-Structure Manager

o Manufacturing Process Planner

o Schedule Manager

o Workflow Viewer

o Organization

• Run predefined audit reports or create new reports, using the Report Builder application.

• Create custom saved queries, using the Query Builder application.

• Run predefined audit queries, using the Teamcenter advanced search functionality.

View audit logs in the Summary view

• The Summary view of the following Teamcenter applications shows audit logs in the Audit
logs tab.
o My Teamcenter

o ADA License

o Structure Manager

o Multi-Structure Manager

o Manufacturing Process Planner

o Schedule Manager

PLM00022 11.2.3 Audit Manager 5-1

Chapter
Chapter 5: 5: Viewing
Viewing
auditaudit information
information

o Workflow Viewer

o Organization

Legacy audit information is only accessible from a button in the Audit Logs tab in the Summary view
when a legacy audit file is present.

The audit logs are grouped in the Summary view as follows:

Log name Description

Workflow Logs Displays workflow logs.

License Change Logs Displays logs of ADA License changes.

License Export Logs Displays ADA License export logs.
File Access Logs Displays file access logs.
Structure Logs Displays structure logs.

Note
Due to performance reasons, PSOccurence
audit logs are not immediately displayed
in the Structure Logs table. To view the
PSOccurence audit logs, refresh the table.

Organization Logs Displays organization logs.

Schedule Logs Displays schedule logs.
General Logs Displays all other general audit logs.
Security Logs Displays security logs.

Note
The Security Logs table appears in the Audit
Logs Summary tab for Project, User, and
Group objects.

5-2 Audit Manager PLM00022 11.2.3

Viewing audit information

View legacy audit data

You can view the legacy audit data related to workflow history, signoff reports, and checkin/checkout
in the Summary view as follows:

Note
The legacy audit data here refers to the audit data that is generated when the
TC_audit_manager preference is set to OFF.

View workflow history

• Select the Summary view in My Teamcenter or Workflow Viewer, expand the Workflow Logs
section, and click the Legacy Workflow History link.
The legacy workflow logs appear in the View Audit File dialog box.

View signoff report

• Select the Summary view in My Teamcenter or Workflow Viewer, expand the Workflow Logs
section, and click the Legacy Signoff Report link.
The legacy workflow logs appear in the View Signoff History dialog box.

View checkin/checkout logs

• Select the Summary view in My Teamcenter or Workflow Viewer, expand the General Logs
section, and click the Complete Checkout History link.
The legacy checkin/checkout logs as well as checkin/checkout logs from the new and legacy
Audit Manager appear in the Checkout History dialog box.

Audit reports
The following audit reports are available when you choose the Tools→Reports→Report Builder
Reports menu command in My Teamcenter:
• Audit - Workflow Attachment Report
Displays workflow logs for the specified workflow attachment.

• Audit - Workflow Detailed Report

Displays workflow logs for the specified workflow process.

• Audit - Workflow Signoff Report

Displays the signoff results and comments for the specified workflow process.

• Audit - Workflow Summary Report

Displays the start, complete, approved, rejected, assign status, demote, promote, fail, and update
actions for the specified workflow process.

• Audit - License Change Report

PLM00022 11.2.3 Audit Manager 5-3

Chapter
Chapter 5: 5: Viewing
Viewing
auditaudit information
information

Displays the ADA License changes for the specified license.

• Audit - License Export Report

Displays the ADA License export for the specified license and object.

• Audit – Organization Report

Displays the changes to an organization.

• Audit - File Access Report

Displays access records of files for the specified object.

• Audit - Structure Report

Displays the structure records for the specified objects.

• Audit - Schedule Report

Displays the audit records for the specified schedule objects.

• Audit - General Report

Displays general audit logs for the specified object.

Creating and running audit queries

You can create custom search queries for audit logs, using the Query Builder application. Saved
queries identify the search criteria that are used to find information in Teamcenter.

Note
Ensure that audit definitions exist for the objects for which you have created saved queries.

Teamcenter provides the following predefined audit queries:

• Audit - File Access Logs

• Audit - General Logs

• Audit - License Change Logs

• Audit - License Export Logs

• Audit - Organization Logs

• Audit - Project Based Logs

• Audit - Schedule Logs

• Audit - Workflow Attachment Logs

• Audit - Workflow Detailed

5-4 Audit Manager PLM00022 11.2.3

Viewing audit information

• Audit - Workflow General

• Audit - Workflow Signoff

• Audit - Workflow Summary

• Audit - Security Logs

Export audit logs from the Summary view

Note
You need Microsoft Excel installed on your computer to export audit logs to Excel.
The Export to Excel option is not available on UNIX clients.

You can export audit logs to Microsoft Excel or csv formats from the Summary view of an object.
1. Select an object whose audit logs you want to export and click the Summary tab.
In the Summary view, select the Audit Logs tab.

2. To export the audit logs in Microsoft Excel format, click the Export to Excel button.
To export the audit logs in csv format, click the Export to CSV button.
Depending on the export option you select, the Export to Excel or Export to CSV dialog
boxes appear.

3. In the Export to Excel or Export to CSV dialog box, select the audit log type you want to export.

4. Click OK.

Depending on the export format you choose, Teamcenter exports the audit logs in Microsoft Excel or
csv format.

Export audit logs to Microsoft Excel

1. Run a saved query and choose the audit logs you want to export from the Details tab.

2. Choose Tools→Export→Objects To Excel.

Teamcenter displays the Export To Excel dialog box.

3. Under Object Selection, click one of the following:

• Click Export Selected Objects to export the selected rows in the view.

• Click Export All Objects in View to export all rows.

4. Under Output Template, select one of the following:

PLM00022 11.2.3 Audit Manager 5-5

Chapter
Chapter 5: 5: Viewing
Viewing
auditaudit information
information

• Select Export All Visible Columns to export all the columns in the view.

• Select Use Excel Template to activate the template list.

In the list, select the AUDIT_log_excel_template_new template.

5. Under Output, click Static Snapshot.

6. Click OK to generate the export Excel file.

Microsoft Excel opens a temporary file. You can create a permanent file by choosing File→Save
As in Excel to display the Save As dialog box.
If you save a live Excel file, you can open it later in My Teamcenter to reconnect it to the database.

Note
You need Microsoft Excel installed on your computer to export audit logs to Excel.
Values that you cannot change in Teamcenter are unavailable in the cells of the live
Excel file.
The export to Excel option is not available on UNIX clients.

Export and import audit logs associated with items

To include audit logs associated with items when you export and import items from one site to another
using high-level data transfer, update the options in the TIEUnconfiguredExportDefault transfer
option set as follows:
• To export audit logs, set the value of the Opt_exp_auditrec option to True. The default value is
False.

• To include audit logs associated with items when you export and import items from one site to
another using high-level data transfer, update the TIEUnconfiguredExportDefault transfer
option set as follows:
o To export audit logs, set the value of the Opt_exp_auditrec option to True. The default
value is False.

o To export workflow audit logs, set the value of the Opt_exp_workflow option to True. The
default value is False.

To include audit logs associated with items when you export and import items from one site
to another using low-level data transfer, update the options in the SiteConsolidationDefault
transfer option set as follows:

o To export audit logs, set the value of the Opt_exp_auditrec option to True. The default
value is True.

o To export workflow audit logs, set the value of the Opt_exp_workflow option to True. The
default value is False.

5-6 Audit Manager PLM00022 11.2.3

Viewing audit information

Best practices for managing audit logs

Following are best practices for managing audit logs:
• Avoid activating audit definitions you do not require.

• Do not deactivate the EPMTask-Add Attachment audit definition as some workflow queries are
dependent on the Add Attachment event.

• Frequently purge or archive old audit data.

• When migrating from legacy Audit Manager to the new Audit Manager, use the date range option
to limit the number of audit records for efficient processing.

PLM00022 11.2.3 Audit Manager 5-7

Chapter 6: Migrating audit data from legacy Audit
Manager to new Audit Manager

Migrating audit configurations

Use the migrate_audit_auditdefinitions utility to migrate legacy Audit Manager configurations to
the new Audit Manager. Run this utility after you have upgraded to a Teamcenter version starting
from version 10.1.
The following tables show legacy Audit Manager configuration objects and the corresponding
configuration objects in the new Audit Manager:

Legacy Audit Manager configuration New Audit Manager configuration objects

objects
ImanEventType ImanEventType

EventTypeMapping Fnd0EventTypeMapping
Audit definition objects Fnd0AuditDefinition
• Log properties Fnd0AuditDefProperty

• Log handler Audit log extensions

• Storage media

• Days kept

The migrate_audit_auditdefinitions utility compares the legacy Audit Manager configuration objects
with the new Audit Manager default configuration and generates a Business Modeler IDE delta
template. You must do the following to this delta template:
• Import the template to a Business Modeler IDE custom project.

• Package the template.

• Deploy the template to the database.

Migrating audit data

Use the migrate_audit_data utility to migrate legacy Audit Manager data to the new Audit Manager.
This is an optional upgrade. Run this utility after you have upgraded to a new version of Teamcenter.

PLM00022 11.2.3 Audit Manager 6-1

Chapter
Chapter 6: 6: Migrating
Migrating
auditaudit
data data
from from legacy
legacy AuditAudit Manager
Manager to Audit
to new new Audit Manager
Manager

Note
Ensure that you have migrated audit configurations from the legacy Audit Manager to the
new Audit Manager before using this utility.

The following table shows where audit logs are stored in the legacy and new Audit Manager:

Legacy Audit Manager New Audit Manager

AUDITLOG Fnd0FileAccessAudit
UserdefinedLog Fnd0GeneralAudit
Fnd0LicenseChangeAudit
Fnd0LicenseExportAudit
Fnd0OrganizationAudit
Fnd0ScheduleAudit
Fnd0StructureAudit
Fnd0WorkflowAudit
Fnd0SecondaryAudit
Fnd0AuditLink

This utility exports audit data from the legacy Audit Manager as a TC XML file using -mode=export.
Import this audit log into Teamcenter using -mode=import.
You can also use the -legacy argument in the migrate_audit_data utility to migrate legacy files
based on reservation history and workflow history audit files residing in Teamcenter volumes to
the new audit data model.

• To export the legacy reservation history audit file:

migrate_audit_data –u=adminjones -p=passjones -g=admin -mode=export
-legacy=reservation -batchsize=1500

• To export the legacy workflow history audit file:

migrate_audit_data –u=adminjones -p=passjones -g=admin -mode=export
-legacy=workflow -batchsize=1500

You can then import legacy audit records:

migrate_audit_data –u=adminjones -p=passjones -g=admin -mode=import
-file=legacy_audit_1.xml

Following import, you can:

• View the legacy reservation history audit records at Summary Page→Audit Logs→General
Logs.

• View the legacy workflow history audit records at Summary Page→Audit Logs→Workflow
Logs.

6-2 Audit Manager PLM00022 11.2.3

Migrating audit data from legacy Audit Manager to new Audit Manager

Once your legacy files migrate successfully, and you verify that they are correct, you can delete
the files manually using the AOM_delete and POM_delete_instances ITK functions to delete the
migrated audit files.

PLM00022 11.2.3 Audit Manager 6-3

Part II: Legacy Audit Manager

The legacy Audit Manager application is deprecated and will be removed in a future version.

PLM00022 11.2.3 Audit Manager

Chapter 7: Getting started with legacy Audit Manager

Legacy Audit Manager overview

System administrators use Audit Manager to create audit logs. Audit logs track what information has
changed and who has changed the information.
Audit Manager supports auditing on workspace objects such as forms, datasets, items, and item
revisions. In addition, Audit Manager supports auditing on administration objects such as users,
groups, and roles. Specifically, system administrators can:
• Define audit definition objects.

• Enable/disable audit trail logging.

• Control audit log access.

After system administrators create audit logs in Teamcenter, users can view these logs from various
Teamcenter applications. Users can also audit any workspace object, administration object, and
event type with an audit definition.

Before you begin

Prerequisites You need Teamcenter administrator privileges to use the Audit Manager
application.

Note
Before working with MS Office datasets, be sure to verify that
your computer has the required software installed. For the latest
requirements, see the Client for Microsoft Office.

Enable Audit You do not need to enable Audit Manager.

Manager
• Ensure that the TC_audit_manager preference is set to ON.

• Ensure that the TC_audit_manager_version preference is set to 2.

Configure Audit There are additional steps you must perform to configure Audit Manager
Manager before you can use it.

Start Audit Manager Click Audit Manager in the navigation pane.

PLM00022 11.2.3 Audit Manager 7-1

Chapter
Chapter 7: 7: Getting
Getting started
started with legacy
with legacy AuditAudit Manager
Manager

Legacy Audit Manager interface

1 Audit Definition Objects pane Displays all audit definition objects. An audit
definition defines what information needs to be
captured when an event occurs.
2 Audit Definition pane Displays the audit definition properties for the
selected audit definition object.

What are perspectives and views?

Within the rich client user interface, application functionality is provided in perspectives and views.
Some applications use perspectives and views to arrange how functionality is presented. Other
applications use a single perspective and view to present information.

Note
Your administrator can use the HiddenPerspectives preference to prevent the display of
some Teamcenter perspectives in the rich client.

If your site has online help installed, you can access application and view help from the rich client
Help menu or by pressing F1.

7-2 Audit Manager PLM00022 11.2.3

Getting started with legacy Audit Manager

Basic concepts for using Audit Manager

Legacy audit functionality

To use legacy audit functionality, you must first create audit definition objects. Audit definition objects
define what information needs to be captured. You can then view audit logs in the in the rich client
using Teamcenter applications such as My Teamcenter, Systems Engineering, Structure Manager,
Multi-Structure Manager, or Manufacturing Process Planner.

Legacy Audit definition object

An audit definition defines what information needs to be captured when an event occurs.
The following elements are used when creating an audit definition object:
• Object type
Specifies the type of object that needs to be logged.

• Event type
Specifies the type of event belonging to a particular object that must be logged.

• Logged properties
Specifies object properties you select for logging. The value of the property at the time of writing
the audit log is logged to audit logs.
For audit definition objects with event type Modify, the old and new values of persistent
properties are tracked.

• Log handler
A log handler allows you to write data other than those captured by audit logs.
You can create custom log handlers.

• Storage
Specifies where audit logs are stored. Depending on your requirements, you can choose to
store audit logs in the database or on a file.

• Archive media
This option appears when you select database as your storage option. This option specifies the
storage media for archiving audit logs.

Viewing legacy audit information

You can view audit logs from Teamcenter applications such as My Teamcenter.
You can also create custom reports to view audit logs using applications like Report Builder.

PLM00022 11.2.3 Audit Manager 7-3

Chapter
Chapter 7: 7: Getting
Getting started
started with legacy
with legacy AuditAudit Manager
Manager

Basic tasks using legacy Audit Manager

The system administrator determines the audit logs to be created. Audit logs are created by audit
definition objects.
When creating audit definition objects, the administrator must specify the object type, event type,
storage type, and other optional parameters. Audit Manager provides lists to select these items.

7-4 Audit Manager PLM00022 11.2.3

Chapter 8: Configuring legacy Audit Manager

Enable legacy audit viewing

Set the value of the following preferences as follows:
• Legacy Audit Manager data is available if the TC_audit_manager preference is set to ON and
the TC_audit_manager_version preference is set to 2.
The View→Audit→View Audit Logs command and the option to right-click an object and
choose View Audit Logs are available.

Set preferences for legacy Audit Manager

Use the following preferences to work with Audit Manager:
• TC_audit_buffer_size
Specifies the size of the buffer that holds the audit records during a session.

• TC_audit_delimiter
Specifies the delimiter that separates fields of audit records. This preference is used only for
audit files in text format.

• TC_audit_file_format
Specifies the format of external audit files (.txt or xml).

• TC_audit_log_dir
Specifies the directory where audit log files are stored.

• TC_audit_track_changed_properties_only
Specifies if audit logs are written when there are no changes to any tracked attribute value.

• TC_audit_display_gmt
Specifies if the logged dates in audit logs are shown in the GMT time zone.

You must restart Teamcenter after you change Audit Manager preferences for the changes to take
effect.

Choosing storage media for legacy audit logs

You can store audit logs either in the Teamcenter database or on a file. Based on your requirements,
you can choose from the following options for audit log storage:

PLM00022 11.2.3 Audit Manager 8-1

Chapter
Chapter 8: 8: Configuring
Configuring legacy
legacy AuditAudit Manager
Manager

• Store audit logs in the Teamcenter database

Using this option, all audit log data is stored in the Teamcenter database and searching for an
audit log is simpler and much faster as some of the search attributes are indexed.
To use the Teamcenter database to store audit logs, you must update the database sizing to
accommodate the audit logs.

• Store audit logs in a file

When you store audit logs in a file, the audit data is written to an external file in either text or XML
format that is stored in an operating system directory.

Create storage media for archiving

If you choose database as the storage option for audit logs, you must create a new storage media for
archiving audit logs.

To create a new storage media, see the Business Modeler IDE. Once created, the storage media
appear in the Archive Media list. You can use the audit_archive utility to archive the audit data into
the storage media on a periodic basis.

Note
If you do not create storage media for archiving or if you leave the Archive Media list blank
while creating an audit definition object, then all generated audit records remain in the
database until you manually delete them.

Set access controls for legacy Audit Manager

To specify who has access to audit logs, modify the following rule under Has Class
(POM_application_object)→Working:

Condition = Has Class

Value = AuditLog

ACL Name = AuditLog Rule

To specify access to audit definition objects, modify the following rule or create a new rule under Has
Class (POM_application_object)→Working:

Condition = Has Class

Value = AuditDefinition

ACL Name = Working

8-2 Audit Manager PLM00022 11.2.3

Configuring legacy Audit Manager

Tracking object properties in legacy audit logs

You can track the persistent properties of objects in audit logs.

Note
Run-time properties, compound properties, and relation properties are not tracked.

To track persistent properties, update the audit definition object as follows:

1. Check the Track Old Values? box in the audit definition object to enable the tracking of old
values of primary object properties.

2. Add the persistent properties to the audit definition object.

Configure legacy audit log searching

Create an audit_user.properties file (which is based on the audit.properties file) to allow searching
audit logs based on groups of event types.
The audit.properties is located in the com.teamcenter.rac.common plugin.
In the properties file, insert the following lines:
GroupsOfEventTypes=

event1;event2/event3;event4;event5/event6;event7

event# are valid event types separated by semicolons (;). Separate different groups by slash marks
(/). For example:
GroupsOfEventTypes=
__Check_In;__Check_Out;__Cancel_Check_Out;__Transfer_Check_Out/
__Modify;__Delete/__Assign;__Start

This example creates three groups of event types:

• Group 1 contains:
__Check_In;__Check_Out;__Cancel_Check_Out;__Transfer_Check_Out

• Group 2 contains:
__Modify;__Delete

• Group 3 contains:
__Assign;__Start

After creating these groups of event types, you can select any of the groups from the General tab of
the Viewing the Audit Logs dialog box. In this example, if you select Group 1, all four event types
are searched in audit logs.

PLM00022 11.2.3 Audit Manager 8-3

Chapter
Chapter 8: 8: Configuring
Configuring legacy
legacy AuditAudit Manager
Manager

Create custom audit reports

Teamcenter provides audit reports in the Report Builder application.
You can also create custom audit reports using Report Builder.

Create custom log handlers

Overview to create custom log handlers

A log handler allows you to write data other than that captured by audit logs. In addition to the log
handlers provided by Teamcenter, you can write custom log handlers to capture the data you require.
Teamcenter provides a sample log handler, using which you can write your custom log handler. The
sample log handler is located in the TC_ROOT/sample/examples/user_audit.c file.

Define an action handler for legacy Audit Manager

1. Create a file (for example, my_handler.c) in the \users_exits\code directory with the following
code:
#include <sub_mgr/subscription.h>
#include <user_exits/user_exits.h>
int PEC_Log_Handler(void* message, int nArgs, char** args)
{
TcSubscriptionActionMsg_t* msg =
(TcSubscriptionActionMsg_t*)message;
// add handler code here
return 0;
}

2. Declare the function in the user_exits.h file:

extern USER_EXITS_API int PEC_Log_Handler(void* message, int nArgs,
char** args);

TcSubscriptionActionMsg_t is defined in the subscription.h file.

3. Compile the file and build the libuser_exits.dll file.

4. Install the handler.

Example:

%TC_BIN%\install_handlers -f=create -id=PEC_Log_Handler

-funcname=PEC_log_Handler -functype=1 -execmode=1 exectime=1800

5. Modify the audit definition objects. You can modify the TC_DATA\auditdefinition.dat file to
add the new handler to the audit definition object you want to change. Then, either run the
TC_BIN\define_auditdefs -f=auditdefinition.dat command or interactively log on to the Audit
Manager application in the rich client and modify the audit definition objects to add the new
handler.

8-4 Audit Manager PLM00022 11.2.3

Configuring legacy Audit Manager

Create an event type

An event is an action that occurs to an object in Teamcenter, for example, when an item is checked
out. Teamcenter records audit logs when certain events occur on certain types of objects.

You only need to create a new event type if there is not an existing event type that covers your
needs. When you create a type, its name is only a text reminder of the type of information you are
looking from in the audit. The actual event information is captured by the audit type selected when
you create the event type mapping.

In the past, the install_event_types utility was used to create new events. Now you create new
event types using the Business Modeler IDE.

1. Choose one of these methods:

• On the menu bar, choose BMIDE→New Model Element, type Event Type in the Wizards
box, and click Next.

• Open the Extensions\Audit Manager folders, right-click the Event Types folder, and
choose New Event Type.

The New Event Type wizard runs.

2. In the Id box, type the name of the new event.

3. In the Display Name box, type the name that you want the event to have in the user interface.

4. In the Description box, type a description of the new event so that others know what it is used for.

5. Click Finish.

6. Create an event type mapping definition to connect the event to a business object type.

PLM00022 11.2.3 Audit Manager 8-5

Chapter
Chapter 8: 8: Configuring
Configuring legacy
legacy AuditAudit Manager
Manager

Create an event type mapping

• Open the Extensions\Audit Manager folders, right-click the Event Types Mappings folder,
and choose New Event Type Mapping.

The New Event Type Mapping wizard runs.

2. Click the Browse box to the right of the Primary Object box to select the type of business
object you want to audit.

3. Click the Browse box to the right of the Event Type box to select the event you want to audit for
the selected business object.

8-6 Audit Manager PLM00022 11.2.3

Configuring legacy Audit Manager

6. Select the Subscribable? check box to specify that the event type mapping can be subscribed to.

7. Select the Auditable? check box to specify that the event type mapping can be audited.

8. In the Description box, type a description for this mapping so that others know what it is used for.

9. Click Finish.

PLM00022 11.2.3 Audit Manager 8-7

Chapter 9: Using legacy Audit Manager

Create an audit definition object

1. Select an object type from the Object Type list.

2. Select an event type from the Event Type list.

3. Select a log handler from the Log Handler list.

The following table describes the log handlers released with Teamcenter.

Handler Applies to Description

CICO_audithandler Checkin/ Checkout events Logs check out information, change ID, and reason to
audit logs.
USER_get_additional_log_info EPM module Logs workflow information to Audit logs.

For example, for the __Assign event, it logs information

such as process name, task type, user comments,
assigned to: user ID, and assigned to: user name.
EVENTHANDLER_get_ecm_log ECM module Writes ECM-related data to the Audit logs.
PROJInfo_ Modify events Logs project names that are assigned to the project. The
audithandler project names are comma separated.

4. Select a storage type, either Database or File.

5. If you select Database as the storage type, the Archive Media list appears.
Select the archive media from the Archive Media list.

Note
Leaving the Archive Media list blank causes all generated audit records to remain in
the database until you manually delete them.

If there are no values in the Archive Media list, you must create a storage media.

6. Select properties to further define the object and event type.

a. Select a property from the Object Properties list.

b. Click Add to add the property to the Logged Properties list.

c. To remove a property from the Logged Properties list, select the property and click Remove
.

PLM00022 11.2.3 Audit Manager 9-1

Chapter
Chapter 9: 9: UsingUsing legacy
legacy AuditAudit Manager
Manager

7. Click Create to add the object to the database and add the Audit Definition object to
the Audit Definition Objects tree.

Click Clear at any time to clear all selections.

You can also create an audit definition object by using the define_auditdefs command line utility.

Modify an audit definition object

1. Select the audit definition object to be modified from the Audit Definition Objects list.

2. Select an object type from the Object Type list.

3. Select an event type from the Event Type list.

4. (Optional) Select a log handler from the Log Handler list.

5. Select a storage type, either Database or File.

6. (Optional) Select properties to further define the object or event type:

a. Select a property from the Object Property list.

b. Click Add to add the property to the Logged Properties list.

c. To remove a property from the Logged Properties list, select the property and click Remove
.

7. Click Modify to modify the existing Audit Definition object.

Delete audit definition object

1. Select the Audit Definition object to be deleted from the Audit Definition Objects tree.

2. Click Delete .

Combine audit files

Use the combine_audit_files command line utility to combine all audit files into a single file.

Archive legacy audit logs

Use the audit_archive command line utility to archive audit logs.

9-2 Audit Manager PLM00022 11.2.3

Chapter 10: Viewing legacy audit information

Accessing legacy audit information

Set the value of the TC_audit_manager preference to ON and the TC_audit_manager_version
preference to 2 to view the legacy audit information.

Note
You can view audit logs only if you have read access to the object being audited.

If the TC_audit_manager preference is set to ON and the TC_audit_manager_version preference

is set to 3, you have access to the current Audit Manager functionality, and the legacy audit
information is unavailable.

Generate report builder legacy audit reports

Choose Tools→Reports→Report Builder Reports to display the Report Generation Wizard. You
can select one of the following workflow report designs:
• Admin Audit Report
• Admin - Modification Audit
• WF - Filtered Audit
• WF - Items In Process
• WF - Objects in Process
• WF - Signoffs
• WF - Unfiltered Audit

Teamcenter displays the reports in your Web browser.

In addition to these reports, your administrator can create custom reports using Report Builder.

View legacy audit log information

Note
This data is available only if the TC_audit_manager preference is set to ON and the
TC_audit_manager_version preference is set to 2.

1. (Optional) Select an object in the tree.

2. Choose View→Audit→View Audit Logs.

PLM00022 11.2.3 Audit Manager 10-1

Chapter
Chapter 10:10:Viewing
Viewing legacy
legacy auditaudit information
information

OR
Right-click an object in My Teamcenter and choose View Audit Logs.
The system displays the Audit Log dialog box.

• If you select an object, the object ID, name, revision, and object type are displayed in the
Search Criteria section.

• To select a project, select a project you have access to from the Project list.

• If you want to search for a different object, click the Clear button to clear the existing search
criteria and then type the object ID, name, and revision in the Audit Log dialog box.

3. (Optional) Specify additional search criteria, such as event type, user ID, and date created.

4. (Optional) Click the Advanced tab and type criteria to construct a query based on property values.

Note
The Advanced tab does not display any information if there are no logged properties
in the audit definition object.

a. Select an object type from the Object Type list.

10-2 Audit Manager PLM00022 11.2.3

Viewing legacy audit information

After you select an object type, the Event Type list is enabled.

b. Select an event type from the Event Type list.

The logged properties defined in the audit definition object are shown in the Available
Properties list.

c. Select the properties for which you require audit logs from the Available Properties list, and
click the button to move the property to the Selected Search Criteria list.

Note
You can add up to 20 properties in the Selected Search Criteria list.

d. To search for properties based on old or new values, in the Selected Search Criteria list,
enter the old value in the Old Value column and the new value in the New Value column.

e. Click Find.
Audit logs that match your selected criteria appear.

5. Click Find.

The system displays the audit logs that match the search criteria.
Property value changes are shown in the User Data column of the audit log. The User Data
column shows the property name, the old value of the property, and the new value of the property.
The old value of the property is the same as the new value of the property if the property value
does not change.

PLM00022 11.2.3 Audit Manager 10-3

Chapter
Chapter 10:10:Viewing
Viewing legacy
legacy auditaudit information
information

Note
Only persistent properties of objects are tracked. Run-time, compound, and relational
properties are not tracked by Audit Manager.

View audit information for deleted objects

Note
Only Teamcenter administrators can view audit logs of deleted objects.

1. Choose View→Audit→View Audit Logs.

The system displays the Audit Log dialog box.

2. Type the object ID of the deleted object in the Audit Log dialog box.

3. Click Find.
Teamcenter displays the audit logs of the deleted objects.

Export legacy audit information

You can export audit logs as an Excel file or in the CSV format.

Note
The TC_audit_manager preference setting controls the Audit menu commands.
• OFF (default)
View→Audit→File and View→Audit→Signoff Report are available.

• ON
View→Audit→View Audit Logs is available.

1. (Optional) Select an object in the navigation tree.

2. Choose View→Audit→View Audit Logs.

The system displays the Audit Log dialog box.

• If you select an object, the object ID, name, revision, and object type are displayed in the
Search Criteria section.

3. (Optional) Specify additional search criteria, such as event type, user ID, and date created.

10-4 Audit Manager PLM00022 11.2.3

Viewing legacy audit information

4. (Optional) Click the Advanced tab and type the criteria to construct a query based on property
values.

Note
The Advanced tab does not display any information if there are no logged properties
in the audit definition object.

5. Click Find.
The system displays the audit logs that match the search criteria.

6. Click Export Audit Log.

In the Export Audit Log dialog box, choose the following options:

• From the Object Selection section, choose one of the following options:
o Choose the Export Selected Objects option to export only the selected objects from
the audit log.

o Choose the Export All Objects In View option to export all objects from the audit log.

• From the Output Format section, choose one of the following options:
o Choose the Use Excel option to export the audit logs in an Excel file.
Select the Excel export template from the list next to the Use Excel option.

Note
The export to Excel option is only available on Microsoft Windows machines.

o Choose the Use CSV option to export the audit logs in a CSV file.

7. Click OK to export the audit log.

Best practices for searching legacy audit information

The Teamcenter server may run out of memory if your search criteria returns an extremely large
number of objects, for example, fifteen to twenty thousand records. Use the following best practices
to search for audit information:
• Avoid wild card search criteria. Add at least three characters before a wild card and enter
additional criteria in search fields to get a smaller result set.

• Avoid using object type as the only search criteria. Enter additional criteria along with the object
type.

• Avoid using wide date ranges. If you use a wide date range, select additional search criteria.

• Avoid using only event type. Generally, an audit log has maximum records for the Modify event.

PLM00022 11.2.3 Audit Manager 10-5

Chapter
Chapter 10:10:Viewing
Viewing legacy
legacy auditaudit information
information

• Avoid searching only by Group Name or User ID.

• Avoid search only by error code. By default, all values are 0 and may cause Teamcenter to crash.

10-6 Audit Manager PLM00022 11.2.3

Part III: Legacy workflow and reservation auditing

Beginning with Teamcenter 10.1, the legacy workflow and reservation auditing functionality is no
longer available. This section documents the functionality available before Teamcenter 10.1.
The workflow and reservation audit functionality gives you the ability to capture workflow, signoff, and
checkout audit logs. The audit logs are stored in a file.

PLM00022 11.2.3 Audit Manager

Chapter 11: Configuring legacy workflow and
reservation auditing

Note
Beginning with Teamcenter 10.1, the legacy workflow and reservation auditing functionality
is no longer available. This section documents the functionality available before
Teamcenter 10.1.

Set the following preference to use the workflow and reservation auditing functionality:
• TC_audit_manager
Set the preference value to OFF to enable the auditing functionality.

You must restart Teamcenter after you change Audit Manager preferences for the changes to take
effect.

PLM00022 11.2.3 Audit Manager 11-1

Chapter 12: View legacy audit and signoff history in HTML format

Note
Beginning with Teamcenter 10.1, the legacy workflow and reservation auditing functionality
is no longer available. This section documents the functionality available before
Teamcenter 10.1.

Note
This information is available if the TC_audit_manager preference is set to OFF.

1. Select a data object or workflow process.

2. Choose View→Audit→Signoff Report.

Audit and signoff history reports generated for selected data objects or workflow processes contain
details and additional information about each task.

Task Task details Additional information

Route • Responsible party Signoff status and the history of each reviewer's
• List of selected signoff activity, including the signoff creation date,
reviewers decision date, and comments for each signoff
• List of users to decision.
acknowledge task
• List of users to receive Date and comments related to delegation of
notification signoff, if applicable.
Review • Responsible party Signoff status and the history of each reviewer's
• List of selected signoff activity, including the signoff creation date,
reviewers decision date, and comments for each signoff
decision.
Date and comments related to delegation of
signoff, if applicable.
Acknowledge • Responsible party Signoff status and the history of each reviewer's
• List of selected users to signoff activity, including the signoff creation date,
acknowledge task decision date, and comments for each signoff
decision.
Date and comments related to delegation of
signoff, if applicable.
Condition • Result of the condition Task start and completion dates.
• Responsible party

PLM00022 11.2.3 Audit Manager 12-1

Chapter
Chapter 12:12:View View legacy
legacy auditaudit and signoff
and signoff history
history in HTML
in HTML format
format

Task Task details Additional information

Do tasks and all Responsible party Task start and completion date, allowed duration
other single-user and/or due date.
tasks

12-2 Audit Manager PLM00022 11.2.3

Chapter 13: View legacy audit files

Note
Beginning with Teamcenter 10.1, the legacy workflow and reservation auditing functionality
is no longer available. This section documents the functionality available before
Teamcenter 10.1.

Note
This information is available if the TC_audit_manager preference is set to OFF.

1. Select the object in the tree or in the Details table.

2. Choose View→Audit→File.
The system displays the workflow audit file in the View Audit File dialog box.

Note
Legacy audit files display information about workflow-related events, such as when a
task is started, approved, or completed. Audit files also display information about the
delegation of tasks using the Out of Office Assistant, which appears in the log file as
Assign Approver events.

PLM00022 11.2.3 Audit Manager 13-1

Part IV: Appendixes

PLM00022 11.2.3 Audit Manager

Appendix A: Audit log extensions

Teamcenter provides the following log extensions:

• Fnd0WriteSecondaryProperties
This log extension writes secondary object properties to the primary object. The following
secondary properties are written to primary business objects:

Audit business objects Fnd0WorkflowAudit Fnd0StructureAudit,

business object Fnd0ScheduleAudit,
Fnd0OrganizationAudit,
Fnd0GeneralAudit, and
Fnd0LicenseExportAudit
business objects
fnd0SecondaryObject fnd0SecondaryObject
fnd0Secondary fnd0SecondaryObject
ObjectType Type
fnd0Secondary fnd0SecondaryObject
ObjectName Name
fnd0Secondary fnd0SecondaryObjectID
Secondary business object
ObjectID
properties
fnd0Secondary fnd0SecondaryObject
ObjectRevID RevID
fnd0Secondary fnd0SecondaryObj
ObjDispName DispName
fnd0Secondary
ObjQualifier

By default, this log extension is attached to the following audit definitions:

o EPMTask:__Add_Attachment

o EPMTask:__Remove_Attachment

o ADA_License:__Attach_License

o ADA_License:__Detach_License

o BOMView Revision:__Component_Add

o BOMView Revision:__Component_Remove

o ScheduleTask:__ResourceAssignment_Create

PLM00022 11.2.3 Audit Manager A-1

Appendix
Appendix A: A:
AuditAudit log extensions
log extensions

o ScheduleTask:__ResourceAssignment_Modify

o ScheduleTask:__ResourceAssignment_Delete

o ScheduleTask:__TaskDependency_Create

o ScheduleTask:__TaskDependency_Modify

o ScheduleTask:__TaskDependency_Delete

• Fnd0OCC_track_position_orientation_audithandler
This log extension enables the logging of occurrence position and orientation changes of the
components in structures. It is attached to the PSOccurrence:__Modify audit definition.

Note
You must not use this log extension in any audit definition except for audit definitions
that log position and orientation changes of components based on occurrence
properties.

• Fnd0CICO_auditloghandler
This log extension applies to checkin and checkout events. It logs the change ID and reason
why the object is checked in or out.

• Fnd0PROJInfo_audithandler
This log extension logs information about objects that are assigned to projects. The project
names are separated by commas.
By default, this extension is not available on any audit definition.

• Fnd0USER_get_additional_log_info
This log extension logs workflow information. For example, for the __Assign event, this log
extension logs information like the process name, task type, user comments, user ID, and the
user name the workflow is assigned to.
This log extension applies to workflow-related events such as __Abort, __Add_attachment,
__Approve, __Assign, __Assign_Approver, __Complete, __Demote, __Fail, __Notify,
__Perform, __Reject, __Stand_In, __Remove_Attachment, __Resume, __Start, __Suspend,
and __Update_Process.

• Fnd0WriteSignoffDetails
This log extension logs workflow signoff history. For example, for the __Add_attachment event,
this log extension logs information like signoff decision, job, sign off, user ID, sign off group,
and sign off role name.
This log extension applies to workflow related events such as __Add_attachment, __Approve,
__Reject, __Stand_In, and __Remove_Attachment.

A-2 Audit Manager PLM00022 11.2.3

Appendix B: Audit Manager preferences

PLM00022 11.2.3 Audit Manager B-1

Appendix
Appendix B: B:
AuditAudit Manager
Manager preferences
preferences

TC_audit_manager_version

DESCRIPTION
Enables or disables different auditing functionality types.
VALID
VALUES
2 Enables the legacy Audit Manager application.
This legacy application provides access to out-of-the-box auditing reports;
to the Viewing the audit logs dialog box, which allows you to search
audit records, and to the View Audit File dialog box, which displays audit
information for the selected object. If a selected object has a legacy audit file
attached, you can access this file from the Viewing the Audit Logs dialog box.
To enable this legacy audit application, you must also set the value of the
TC_audit_manager preference to ON.
3 Enables the new auditing functionality. You must also set the value of the
TC_audit_manager preference to ON.
This auditing functionality allows you to define audit definitions using the
Business Modeler IDE. You can also view audit logs in the Summary view of
some Teamcenter applications.
DEFAULT
VALUES
3
DEFAULT
PROTECTION
SCOPE
Site preference.

B-2 Audit Manager PLM00022 11.2.3

Audit Manager preferences

Fnd0LicenseExportAuditSec_ColumnPreferences

DESCRIPTION
Specifies that a list of columns be displayed in the secondary audit table for objects of
type Fnd0LicenseExportAudit.
VALID
VALUES
Property names from the Fnd0SecondaryAudit class.
DEFAULT
VALUES
object_string
object_type
object_name
fnd0PrimaryObjectID
sequence_id
fnd0ObjectDisplayName
fnd0PrimaryObjectRevID

DEFAULT
PROTECTION
SCOPE
User preference.

PLM00022 11.2.3 Audit Manager B-3

Appendix
Appendix B: B:
AuditAudit Manager
Manager preferences
preferences

Fnd0WorkflowAuditSec_ColumnPreferences

DESCRIPTION
Specifies that a list of columns be displayed in the secondary audit table for objects
of type Fnd0WorkflowAudit.
VALID
VALUES
Property names from the Fnd0SecodnaryAudit class.
DEFAULT
VALUES
object_string
object_type
object_name
fnd0PrimaryObjectID
sequence_id
fnd0ObjectDisplayName
fnd0PrimaryObjectRevID

DEFAULT
PROTECTION
SCOPE
User preference.

B-4 Audit Manager PLM00022 11.2.3

Audit Manager preferences

Fnd0StructureAuditSec_ColumnPreferences

DESCRIPTION
Specifies that a list of columns be displayed in the secondary audit table for objects
of type Fnd0StructureAudit.
VALID
VALUES
Property names from the Fnd0SecodnaryAudit class.
DEFAULT
VALUES
object_string
object_type
object_name
fnd0PrimaryObjectID
sequence_id
fnd0ObjectDisplayName
fnd0PrimaryObjectRevID

DEFAULT
PROTECTION
SCOPE
User preference.

PLM00022 11.2.3 Audit Manager B-5

Appendix
Appendix B: B:
AuditAudit Manager
Manager preferences
preferences

Fnd0ScheduleAuditSec_ColumnPreferences

DESCRIPTION
Specifies that a list of columns be displayed in the secondary audit table for objects
of type Fnd0ScheduleAudit.
VALID
VALUES
Property names from the Fnd0SecodnaryAudit class.
DEFAULT
VALUES
object_string
object_type
fnd0Object
object_name
fnd0PrimaryObjectID
sequence_id
fnd0ObjectDisplayName
schedule_tag
schedule_tagDisp
fnd0state
fnd0status
cost
currency
user_id
user_name
role_name
discipline_name
group
groupDisp
role
roleDisp
name

DEFAULT
PROTECTION
SCOPE
User preference.

B-6 Audit Manager PLM00022 11.2.3

Audit Manager preferences

TC_audit_manager

DESCRIPTION
Determines auditing behavior.

Note
When set to ON, this preference controls the display of the Process History
tab.

VALID
VALUES
ON Enables the Audit Manager application.
Enables full auditing functionality, providing access to out-of-the-box audit saved
search and reports, to the Viewing the Audit Logs dialog box, which allows
you to search and view audit information for the selected Teamcenter object.
If a selected object has a legacy audit file attached, such as workflow history,
the user can access this file by using the View Audit File dialog box from the
Viewing the Audit Logs dialog box.
OFF Disables the Audit Manager application; the application is not compatible with
the legacy file-based functionality.
Enables only the legacy View Audit File dialog box, which displays audit
information for the selected object.
DEFAULT
VALUES
ON
DEFAULT
PROTECTION
SCOPE
Site preference.

PLM00022 11.2.3 Audit Manager B-7

Appendix
Appendix B: B:
AuditAudit Manager
Manager preferences
preferences

TC_audit_avoid_delegation_for_audit_access

DESCRIPTION
Specifies the list of audit log types for which the default audit log access delegation
mechanism is disabled. For these types, the access rights defined in the Access
Manager application apply.

Note
Make certain the correct access rules are defined for users to be able to
view the audit logs.

VALID
VALUES
Valid values are audit log types, for example, Fnd0OrganizationAudit and
Fnd0GeneralAudit.
DEFAULT
VALUES
None.
DEFAULT
PROTECTION
SCOPE
Site preference.

B-8 Audit Manager PLM00022 11.2.3

Audit Manager preferences

TC_audit_number_of_logs_to_load

DESCRIPTION
Specifies the number of audit logs to load in the Summary view of Teamcenter
applications showing audit logs.
VALID
VALUES
Any integer value.
DEFAULT
VALUES
100
DEFAULT
PROTECTION
SCOPE
User preference.

PLM00022 11.2.3 Audit Manager B-9

Appendix
Appendix B: B:
AuditAudit Manager
Manager preferences
preferences

TC_audit_log_dir

Note
This preference is deprecated and will be removed in a future version.

DESCRIPTION
Specifies the directory where audit log files are stored. If the directory specified by
this preference cannot be created, audit log files are saved to the preference's default
setting.
The TC_LOG environment variable must be defined first before starting a Teamcenter
session.
VALID
VALUES
Single string as a value; must be a valid directory path.
DEFAULT
VALUES
%TC_LOG%\audit
DEFAULT
PROTECTION
SCOPE
Group preference.

B-10 Audit Manager PLM00022 11.2.3

Audit Manager preferences

TC_audit_buffer_size

Note
This preference is deprecated and will be removed in a future version.

DESCRIPTION
Specifies the size of the buffer that holds the audit records during a session. Once
the buffer size is met, the buffer is written to an external file. This number should be
slightly larger than the number of audited events generated during a typical session.
Thus, flushing the buffer to the external file happens only after exiting the session with
no performance penalty.
VALID
VALUES
A positive integer.
DEFAULT
VALUES
1000
DEFAULT
PROTECTION
SCOPE
Group preference.

PLM00022 11.2.3 Audit Manager B-11

Appendix
Appendix B: B:
AuditAudit Manager
Manager preferences
preferences

TC_audit_file_format

Note
This preference is deprecated and will be removed in a future version.

DESCRIPTION
Specifies the format of external audit files.
VALID
VALUES
0 Text format (.txt).
1 XML format (.xml).
DEFAULT
VALUES
1
DEFAULT
PROTECTION
SCOPE
Group preference.

B-12 Audit Manager PLM00022 11.2.3

Audit Manager preferences

TC_audit_delimiter

Note
This preference is deprecated and will be removed in a future version.

DESCRIPTION
Specifies the delimiter that separates fields of audit records.
This preference is used only for audit files in text format. When importing the audit file
into Microsoft Excel or Access, you must specify the same delimiter as you defined
in this preference.
VALID
VALUES
Multiple characters. Siemens PLM Software recommends a single character is used.
Though a single-character entry is not enforced, some spreadsheet programs such as
Excel do not allow multiple character delimiters.
DEFAULT
VALUES
^
DEFAULT
PROTECTION
SCOPE
Group preference.

PLM00022 11.2.3 Audit Manager B-13

Appendix
Appendix B: B:
AuditAudit Manager
Manager preferences
preferences

TC_audit_track_changed_properties_only

Note
This preference is deprecated and will be removed in a future version.

DESCRIPTION
Specifies if audit logs are written when there are no changes to any tracked attribute
value.
This preference applies to the Modify event type only.
VALID
VALUES
True Audit logs are written only when a tracked attribute value changes.
False Audit logs are written irrespective of changes in tracked attribute values.
DEFAULT
VALUES
False
DEFAULT
PROTECTION
SCOPE
Site preference.

B-14 Audit Manager PLM00022 11.2.3

Audit Manager preferences

TC_audit_display_gmt

Note
This preference is deprecated and will be removed in a future version.

DESCRIPTION
Specifies if the logged dates in audit logs are shown in the GMT time zone.
VALID
VALUES
true Logged dates are in the GMT time zone.
false Logged dates are in the local server time zone.
DEFAULT
VALUES
false
DEFAULT
PROTECTION
SCOPE
Site preference.

PLM00022 11.2.3 Audit Manager B-15

Part V: Legacy Audit Manager appendixes

PLM00022 11.2.3 Audit Manager

Appendix C: Command line utilities for configuring
legacy Audit Manager

Use the following command line utilities to modify Audit Manager:

• audit_archive

• combine_audit_files

• define_auditdefs

PLM00022 11.2.3 Audit Manager C-1

Appendix D: ITK functions for configuring legacy Audit Manager

Use the following ITK functions to modify Audit Manager:

• AUDIT_delete_records

• AUDIT_delete_specified_records

• AUDIT_get_records

• AUDIT_get_records_with_specified_col

• AUDIT_initialize_log_query

• AUDIT_insert_record

• AUDIT_log_event

• AUDITMGR_add_audit_properties

• AUDITMGR_create_audit_definition

• AUDITMGR_find_audit_definition

• AUDITMGR_get_archive_media

• AUDITMGR_get_audit_properties

• AUDITMGR_get_auditable_types

• AUDITMGR_get_event_type

• AUDITMGR_get_log_handler

• AUDITMGR_get_max_days_kept

• AUDITMGR_get_object_type

• AUDITMGR_get_storage_type

• AUDITMGR_remove_audit_properties

• AUDITMGR_set_archive_media

• AUDITMGR_set_log_handler

• AUDITMGR_set_max_days_kept

• AUDITMGR_set_storage_type

PLM00022 11.2.3 Audit Manager D-1

Appendix
Appendix D: D: ITK functions
ITK functions for configuring
for configuring legacy
legacy AuditAudit Manager
Manager

Note
To access the Integration Toolkit Function Reference, install the Teamcenter developer
references when you install Teamcenter online help, or go to the Global Technical Access
Center (GTAC).

D-2 Audit Manager PLM00022 11.2.3

Appendix E: Viewing legacy audit logs for changes to structures

You can view audit logs for changes to structure from Structure Manager, Multi-Structure Manager, or
Manufacturing Process Planner applications.
To view audit logs in these applications, do one of the following:
• Select the BOM line and choose View→Audit→View Audit Logs.

• Right-click a BOM line and choose View Audit Logs.

You view the audit logs in the Audit Log dialog box.

Note
If you click Clear to clear Audit Log dialog box of the existing search criteria and
search for audit logs by typing the same search criteria, you see the audit logs of
other occurrences of the structure.

Teamcenter provides the following audit definitions for viewing changes to structure:

Audit definition Description

BOMView Revision - Component Component is added to a structure.
Add
BOMView Revision - Component Component is removed from a structure.
Remove
PSOccurrence - Modify Component is modified from a structure.
This audit definition also tracks position and
orientation changes when the handler is
OCC_track_position_orientation.
PSOccurrenceNotes - Modify Component is modified with occurrence note values.

Note
For position and orientation tracking, actual values of position and orientation are not
written to audit logs. For position change, old value is written as Old Position and new
value is written as New Position. For orientation change, old value is written as Old
Orientation and new value is written as New Orientation.
Changes to UG Form are written as changes to UG Dataset.

PLM00022 11.2.3 Audit Manager E-1

Appendix
Appendix E: E: Viewing
Viewing legacy
legacy auditaudit
logs logs for changes
for changes to structures
to structures

Tracking changes to NX part history

You can track NX part changes in Teamcenter using Teamcenter services API.
You can call the API from NX using the following values:

Property Value
primary object Component object reference
eventTypeName Modify
propertyCount 1
propertyNames NXPartHistory

propertyValues NX part history

The signature of the Teamcenter services API to create audit log is as follows:
DataManagementImpl::PostEventResponse DataManagementImpl::postEvent (
const std::vector< PostEventObjectProperties >& input,
const std::string& eventTypeName )

The signature of the Teamcenter services API to get event types for given object types is as follows:
DataManagementImpl::EventTypesResponse DataManagementImpl::getEventTypes
(const std::vector< ObjectType >& input )

E-2 Audit Manager PLM00022 11.2.3

Appendix F: Legacy Audit Manager events

You can find the events that are auditable in the Event Type Mapping editor of Business Modeler IDE.
The following events are not auditable by default:
• Read_File

• Write_File

PLM00022 11.2.3 Audit Manager F-1

Siemens Industry Software

Headquarters
Europe
Granite Park One
Stephenson House
5800 Granite Parkway
Sir William Siemens Square
Suite 600
Frimley, Camberley
Plano, TX 75024
Surrey, GU16 8QD
USA
+44 (0) 1276 413200
+1 972 987 3000

Asia-Pacific
Americas
Suites 4301-4302, 43/F
Granite Park One
AIA Kowloon Tower, Landmark East
5800 Granite Parkway
100 How Ming Street
Suite 600
Kwun Tong, Kowloon
Plano, TX 75024
Hong Kong
USA
+852 2230 3308
+1 314 264 8499

About Siemens PLM Software

Siemens PLM Software, a business unit of the Siemens
Software Inc. Siemens and the Siemens logo are
Industry Automation Division, is a leading global provider
registered trademarks of Siemens AG. D-Cubed,
of product lifecycle management (PLM) software and
Femap, Geolus, GO PLM, I-deas, Insight, JT, NX,
services with 7 million licensed seats and 71,000 customers
Parasolid, Solid Edge, Teamcenter, Tecnomatix and
worldwide. Headquartered in Plano, Texas, Siemens
Velocity Series are trademarks or registered trademarks
PLM Software works collaboratively with companies
of Siemens Product Lifecycle Management Software
to deliver open solutions that help them turn more
Inc. or its subsidiaries in the United States and in other
ideas into successful products. For more information
countries. All other trademarks, registered trademarks
on Siemens PLM Software products and services, visit
or service marks belong to their respective holders.
www.siemens.com/plm.

Audit Manager
No ratings yet
Audit Manager
125 pages
User Manual SAP AM PDF
No ratings yet
User Manual SAP AM PDF
110 pages
Audit Manager
No ratings yet
Audit Manager
144 pages
audit_manager
No ratings yet
audit_manager
44 pages
Audit Manager (Tc12.3)
No ratings yet
Audit Manager (Tc12.3)
62 pages
Audit Que (NetWare Auditing)
No ratings yet
Audit Que (NetWare Auditing)
334 pages
9-0-SP1 Audit Logging Guide
No ratings yet
9-0-SP1 Audit Logging Guide
38 pages
SAP Audit Management - Public User Guide - 1.4 SP00
No ratings yet
SAP Audit Management - Public User Guide - 1.4 SP00
112 pages
Mega GRC 3.2 en - Audit User Guide
No ratings yet
Mega GRC 3.2 en - Audit User Guide
52 pages
Loio S4
No ratings yet
Loio S4
286 pages
AIX Audit Trails
No ratings yet
AIX Audit Trails
266 pages
SAP Audit Management -Public User Guide_1.5 SP00
No ratings yet
SAP Audit Management -Public User Guide_1.5 SP00
152 pages
audit_manager
No ratings yet
audit_manager
46 pages
NCSC TR 005 3
No ratings yet
NCSC TR 005 3
59 pages
SAP Audit Management PDF
100% (1)
SAP Audit Management PDF
110 pages
Extensibility Guide for SAP Audit Management_1.5 SP00
No ratings yet
Extensibility Guide for SAP Audit Management_1.5 SP00
126 pages
OpenScape Business V1, Accounting Manager, User Guide, Issue 1 PDF
No ratings yet
OpenScape Business V1, Accounting Manager, User Guide, Issue 1 PDF
29 pages
Business Process Insight Integration Train - Hewlett-Packard Company
No ratings yet
Business Process Insight Integration Train - Hewlett-Packard Company
98 pages
Reference Guide: IBM Cognos TM1
No ratings yet
Reference Guide: IBM Cognos TM1
336 pages
User Guide: Quest Change Auditor For SQL Server 7.0
No ratings yet
User Guide: Quest Change Auditor For SQL Server 7.0
32 pages
R1200appendix F
No ratings yet
R1200appendix F
361 pages
Results User Guide Windows
No ratings yet
Results User Guide Windows
192 pages
HFM - 9.3 Guide
No ratings yet
HFM - 9.3 Guide
432 pages
Incentive Management Admin Design Guide: User Guide - PUBLIC Document Version: PROD - 2024-02-23
No ratings yet
Incentive Management Admin Design Guide: User Guide - PUBLIC Document Version: PROD - 2024-02-23
482 pages
E1UR010IF11SE
No ratings yet
E1UR010IF11SE
446 pages
SAP4HANA
No ratings yet
SAP4HANA
530 pages
AtTask User Guide
No ratings yet
AtTask User Guide
345 pages
DataFlux Data Management Studio 2.8 - Administrator's Guide
No ratings yet
DataFlux Data Management Studio 2.8 - Administrator's Guide
128 pages
Fortify
No ratings yet
Fortify
100 pages
Sage Fixed Assets Depreciation 2016.1: User Guide
No ratings yet
Sage Fixed Assets Depreciation 2016.1: User Guide
640 pages
Hyperion® Financial Reporting Studio: User'S Guide
No ratings yet
Hyperion® Financial Reporting Studio: User'S Guide
370 pages
Sapetd
No ratings yet
Sapetd
168 pages
FRX 60
No ratings yet
FRX 60
296 pages
Foundation Admin 2023
No ratings yet
Foundation Admin 2023
152 pages
Siemens FMX 4
No ratings yet
Siemens FMX 4
50 pages
Front Cover: What's New in IBM I 7.3 and IBM POWER8 Systems
No ratings yet
Front Cover: What's New in IBM I 7.3 and IBM POWER8 Systems
29 pages
SQL Engine Reference
No ratings yet
SQL Engine Reference
608 pages
Hyperion Financial Management 9.3.1: Create and Manage Applications
No ratings yet
Hyperion Financial Management 9.3.1: Create and Manage Applications
16 pages
Netwrix Auditor Installation Configuration Guide
No ratings yet
Netwrix Auditor Installation Configuration Guide
316 pages
A Student Guide
No ratings yet
A Student Guide
420 pages
Working With Audit Policies
No ratings yet
Working With Audit Policies
26 pages
PowerCenter 9' Level 2 Developer Student Guide Lab
No ratings yet
PowerCenter 9' Level 2 Developer Student Guide Lab
84 pages
Certification Study Guide IBM Tivoli Compliance Insight Manager V8.5 Sg247664
No ratings yet
Certification Study Guide IBM Tivoli Compliance Insight Manager V8.5 Sg247664
232 pages
MCC April2025 Administration En
No ratings yet
MCC April2025 Administration En
148 pages
DataStudio Redbook
No ratings yet
DataStudio Redbook
166 pages
Auditing and Accounting On AIX
No ratings yet
Auditing and Accounting On AIX
200 pages