Audit definitions
Audit definitions represent information that describes how to audit an event.
An audit definition includes the following elements:
- The system or custom event to audit. In the administration console, you can find the event classes for an object store under .
- The option to record the following source objects in the audit record: the modified post-event object and the original pre-event object.
- The option to apply a filter expression to the source object of the event. The filter expression determines whether the event is audited. For example, a filter expression can test if a property on the source object changed; if not, the event is not audited. Filter expressions are applied only for successful operations.
- The option to name an audit definition to associate it with a particular audit processing client or client function.
- The option to disable an audit definition.
Audit definition for query events from FileNet P8 client applications
Some IBM® FileNet® P8 client applications search the Document class as opposed to the Document subclass that is explicitly referenced in the FROM clause of a query. For QueryEvent events that are fired by these applications, create an audit definition for the Document class instead of the appropriate subclass. The IBM Content Navigator application behaves in this manner.
For all other client applications that use the Content Engine API to submit queries, create an audit definition for the appropriate Document subclass.