The Auditing Framework in SAP BusinessObjects Enterprise has grown by leaps and bounds with each new version.  The XI Release 2 version was rudimentary.  The XI 3.x version was actually quite useful.  Now, with the new BI 4.0 version, auditing is essential in understanding how your Business Intelligence architecture is being utilized.  Without it, you're flying blind.

I'm really happy with it, since, as a support guy, I'm thinking it's going to make my job a lot easier.

New Auditing Features

There's tons of enhancements to the auditing framework - you can read about it in the Administrator's Guide.

I'll briefly describe what I find the most interesting - from a custom coder perspective.

Each auditing event entry in the ADS_EVENT table has a Action_ID value.  As documented, this ID is  'A unique identifier that can be used to tie together a sequence of events initiatedby a single user action'.  So say a user clicks refresh on a dashboard, that then in turn refreshes a Web Intelligence document contained within.  The Action_ID will tie this cascade of events across multiple services back to the initiating user action.  In previous version, it was difficult to determine, looking at an auditing event for a document refresh, what exactly triggered the refresh request.  Not anymore!

In support, we spend appreciable time tracing back auditing and tracelogs, comparing timestamp values, just to infer this info.  Like I said, this new auditing feature is going to make my job a lot easier.

But what if the event was trigged by a custom application that uses the SAP BusinessObjects Enterprise SDK?  In previous versions, custom apps just weren't within the purview of audited events.  Not anymore!

If you look at the ADS_EVENT.CLIENT_TYPE_ID column, those values are CUID representing the application that invoked the event.  If you link that column to ADS_APPLICATION_TYPE_STR.APPLICATION_TYPE_ID, and print out the ADS_APPLICATION_TYPE_STR.APPLICATION_TYPE_NAME, you'll see values like 'BI Launchpad', 'CMC', 'Web Intelligence', etc.  This is the way to simply determine which client application requested the service that triggered the auditing event.

Custom Code and the Auditing Framework

But what of custom applications?  If you full-scan the ADS_APPLICATION_TYPE_STR, you'll see interesting values for the APPLICATION_TYPE_NAME: 'Custom Application 1', Custom Application 2', etc, all the way up to 'Custom Application 25'.

Those 25 CLIENT_TYPE_ID values have been reserved specifically for custom applications.  If you look in the SAP BusinessObjects Enterprise Java SDK Developer's Guide, you'll see all the custom application CUIDs listed:

CUID	Application Name
AZ4HLbS0loRMpE2twk442RU	Custom Application 1
AR6QLgQwJjxElm502FT_b4A	Custom Application 2
AWYcldOex_tAodjJRrlogIk	Custom Application 3
ASahxem3v_xGjXsQKQaskyk	Custom Application 4
AbKQQkLhQ9RKpbMEV7DECkc	Custom Application 5
AcBrUi5J0rVCiFZ.M35hCYM	Custom Application 6
Afbw5UJ0UYdJlNbhDusG1mc	Custom Application 7
AT084MQMNHlIs1fUB9Y4x8k	Custom Application 8
AT0F5dLN5rZJq9IuT7pILTU	Custom Application 9
AXKjeUbzVq1Gm9XS4klF1Ho	Custom Application 10
ARc7Bcof_V1JpaH.LaBmKMM	Custom Application 11
AZFkpRO4waBGvZNBt4R85YY	Custom Application 12
AZETCpaYYmRIingE_hCnWFw	Custom Application 13
ARAGSiINlAtMvkpuANjWU6I	Custom Application 14
AcfWGfuiPeREmYs3drOx0sQ	Custom Application 15
AUKOYrZfNBpNimTvy.m_WxU	Custom Application 16
Acdt0d02A6VNq3o8DWHWpH8	Custom Application 17
ASRvlZ.mkeVJrhmSxnCqFb8	Custom Application 18
AXydQKHjGVROt_8czecFvxE	Custom Application 19
Ae25eOj9rcFMj31xm.i_5U8	Custom Application 20
AU0U6l7_vcJKsSBk8eZBQBM	Custom Application 21
AUPgOLoPl9JGl5M19R1SeXw	Custom Application 22
Aa7yGnOcE1pPmfkDuxznG7U	Custom Application 23
AQ8m0QHV9LNArZcRo6a2xuM	Custom Application 24
ASyT3vZzFuZKkE7iXkp_tuI	Custom Application 25

Registering your custom app to register itself as one of these client IDs is quite simple.  There's a new logon method, ISessionMgr.logonEx(String username, String password, String cmsname, String authtype, IEnterpriseLogonInformation logonInformation) that accepts a IEnterpriseLogonInformation instance. By specifying the ClientType bean for the IEnterpriseLogonInformation, subsequent actions taken by the generated EnterpriseSession will be audited under that CLIENT_TYPE_ID value.   For example, the following code snippet:

Log on code snippet registering app under Custom Application 13
    /*       * Log onto Enterprise registering this application as "Custom Application 13".      */      IEnterpriseLogonInformation enterpriseLogonInformation = CrystalEnterprise.getSessionMgr().createLogonInfo();     enterpriseLogonInformation.setClientType("AZETCpaYYmRIingE_hCnWFw");      enterpriseSession = CrystalEnterprise.getSessionMgr().logonEx(BO_USERNAME,              BO_PASSWORD, BO_CMS_NAME, BO_AUTH_TYPE, enterpriseLogonInformation);

registers the EnterpriseSession as 'Custom Application 13', and any subsequent actions triggered via this EnterpriseSession will cause an audit event with CLIENT_TYPE_ID equal to "AZETCpaYYmRIingE_hCnWFw".

For any new development work with SAP BusinessObjects Enterprise BI 4.0 using the Enterprise SDK, I strongly encourage you to register your application with the auditing framework.  It'll be a good idea to conference in all interested developers within your organization, and ensure each of the 25 custom application slots are used uniquely by each separate custom apps being developed.

And not just because it'll make my job troubleshooting workflow issues on client deployments that much easier 🙂

Conclusion

The new auditing framework allows for auditing events triggered by users using custom code.  I highly recommend its use.