SOX Compliance - need Audit Log to ONLY show Production objects
We're struggling with a SOX compliance related issue. We need to routinely export audit logs and review for unauthorized or unexpected changes. The problem is the audit log includes Production and Sandbox data and there is no way to differentiate which is which. I'm trying to prevent the team from prefixing EVERYTHING in stage with "STG". There must be a better way?
Asking for any clever workarounds (I thought of creating a user that only had access to Production, but not sure there is a way to do that). Also asking Celigo to consider enhancing the audit log report to provide environment filters or a column that indicates the environment.
David Gollom just told me we could pull the logs on a tile by tile basis, that's a decent solution and the current winner.
-Steve
-
Steve Klett our apis and a database or our apis with lookups and a S3 bucket/ftp are probably the best route here. To get all audit logs across your environments and account, you can use the https://api.integrator.io/v1/audit endpoint. Now it also doesn't have environment flags within it, but it does have the id reference to the resource that was updated and that would have the environment flag. For example, if I pull the audit logs and have this example:
I can then have a lookup to the import endpoint to see what environment it is in:
You also could just export all IO resource data into a database and then query from there like I've done here:
Or you could just have a lookup and go to an S3 bucket or some other endpoint. Flow zip here.
0 -
Tyler Lamparter - Nice solution, thank you. I continue to forget about the APIs as a solution path for some of these unusual requirements we come up with.
0
Please sign in to leave a comment.
Comments
2 comments