Log for SOX

Win_Myo_Htet · February 10, 2006, 4:52am

Hi

After Worldcom and Eron’‘s coporate corruption, the goverment and market demand that the corporate’‘s activities should be transparent to the auditors. I don’'t know if those auditor has specific requirement for IM or not (or may be in the future). For example we have a helpdesk ticket system and the user request to add into the certain mailing list. We add the user to the list using a script that also do the logging and we usually put the ticket number. I wonder if we might need that kind of logging in the future for wildfire. Just my thought.

regards,

wmhtet

Win_Myo_Htet · March 11, 2006, 5:26am

Hmm…

My previous post is not very clear. It would be nice if wild fire has system maintainence logging mechanism. For example,

-which admin has changed the system properties.

-which admin has created the user, group, muc room

-which admin has shutdown the server for what reason(need to have shutdown button in admin console)

-when is the server upgraded or downgraded

-when is the plugin added ( if possible, who has added the plugin by making plugin not to start working right away unless the admin make it start)

with Viewer, of course

Regards,

wmhtet

Message was edited by: wmhtet

LG1 · March 11, 2006, 11:34am

Hi wmhtet,

we use a tool similar to a trouble ticket system to track all changes. As Wifi is only one of 100 applications it seems to be a bad idea that every application uses it’'s own feature to do this. Also you may use Windows/Linux, AD/LDAP, MySQL/Oracle together with Wifi. So I wonder if this is the right approach.

So if one want’'s to a major change like update Wifi (or add a plugin or change the operating system version or the database version) a ticket is created. After the update it is closed.

LG

Win_Myo_Htet · March 11, 2006, 7:44pm

LG

I am a junior in the field and you can enlighten me more. Yes, we have the ticket system to track the user requests and major and minor chages but I also notice that we do the logging on the system side also. Let me try a redundent example here again,

-the user request the aliases for the email address via ticket.

It is logged in the ticket system.

-I made the change on the system for that.

-Then I put down the ticket number in the system.

-It is logged in the system.

I think that it is needed because when there is an issue with the System, we check the system log first and then track ticket number if necessary.

Let’'s try a wildfire example,

-a particular user has access to the MUC room where he does not belong to

( a probable SOX violation)

-we will first check the supposed WIld Fire system log to see if there is a ticket or who make the change

(we won’'t look for the change in the ticket system, where it tracks everything for all the system, at first)

-Once, we got the ticket number from WildFire system log, then we will see who has requested it and who has approved that in the ticket system.

Sometime there won’'t be a ticket for minor changes and instead of creating ticket oneself, it would be better to do the logging on the system. It may also help sys admin a lot when it comes to trouble shooting because he might have an idea what changes trigger the problem by going through the system log.

I hope that I am not confusing

wmhtet