Reporting on User Access in JD Edwards

Auditing changes within E1 can seem daunting! But you can easily audit your History Table for User, Role or Menu changes and identify what was done, when, by whom. Your auditors and going to love this!

Auditing changes within E1 can seem daunting!

Access Auditing Concepts

User access is changed when security related data is modified within a number of tables in JD Edwards (JDE) EnterpriseOne (E1).
The following E1 functions affect user access:
User Changes
Role Changes
Assignment Changes
Security Changes
Menu Changes

Audit Events

Once the ‘Security History’setting is enabledin JDE (for JDE events) and/or in ALLOut (for AO & JDE events), ‘Audit Events’ are recorded to the F9312 when specific actions occur.
The type of events that are recorded are stored in the UDC table:
User Record Changes
Role Record Changes
Assignment Changes
Security Changes
Menu Changes

What writes audit events?

Audit events are recorded in the F9312 by the following:

System functions – i.e. login/logout where the function event is recorded
Programs (that exist in the current PathCode) which write to system tables – e.g. P0092 writes to F0092 and the data change event is recorded
Programs (that exist in the current PathCode) which write to environment specific tables – e.g. PDIS0970 writes to F9000 and the data change event is recorded

Note
ALLOut programs check against the configuration of the UDC (AOS/QS) before writing to the F9312 – this depends on the configuration of the AOS program(s) involved.

The AOS/QS table should not be modified as it is only used for internal AOS reference.
Before writing to the F9312, each AOS program checks the environment specific UDC configuration
Configuration settings have defaults in each environment so even if they have never been consciously configured they are still used.
JDE programs do not check this UDC configuration – the code of each program determines what is written.

ALLOut Audit Reporting

ALLOut Audit Reporting has been designed to fulfil all access audit reporting requirements – this includes reporting on both standard E1 audit events and custom ALLOut events. The report can be tailored to
print only the required audit information.

For more information on Auditing your JDE History Table and designing your Audit reports, contact hazel.jackson@alloutsecurity.com

Cookie name	Default expiration time	Description
_ga	2 years	Used to distinguish users.
_gid	24 hours	Used to distinguish users.
_ga_<container-id>	2 years	Used to persist session state.
_gac_gb_<container-id>	90 days	Contains campaign related information. If you have linked your Google Analytics and Google Ads accounts, Google Ads website conversion tags will read this cookie unless you opt-out. Learn more.

visitor_id<accountid>	The visitor cookie includes a unique visitor ID and the unique identifier for your account. For example, the cookie name visitor_id12345 stores the visitor ID 1010101010. The account identifier, 12345, makes sure that the visitor is tracked on the correct Pardot account. The visitor value is the visitor_id in your Pardot account. This cookie is set for visitors by the Pardot tracking code.
pi_opt_in<accountid>	If Tracking Opt-in preferences is enabled, the pi_opt_in cookie is set with a `true` or `false` value when the visitor opts in or out of tracking. If a visitor opts in, the value is set to `true`, and the visitor is cookied and tracked. If the visitor opts out or ignores the opt-in banner, the opt-in cookie value is set to `false`. The visitor cookie is disabled, and the visitor is not tracked.
visitor_id<accountid>-hash	The visitor hash cookie contains the account ID and stores a unique hash. For example, the cookie name visitor_id12345-hash stores the hash “855c3697d9979e78ac404c4ba2c66533”, and the account ID is 12345. This cookie is a security measure to make sure that a malicious user can’t fake a visitor from Pardot and access corresponding prospect information.
lpv<accountid>	This LPV cookie is set to keep Pardot from tracking multiple page views on a single asset over a 30-minute session. For example, if a visitor reloads a landing page several times over a 30-minute period, this cookie keeps each reload from being tracked as a page view.
pardot	A session cookie named pardot is set in your browser while you’re logged in to Pardot as a user or when a visitor accesses a form, landing page, or page with Pardot tracking code. The cookie denotes an active session and isn’t used for tracking.

Cookie name	Default expiration time	Description
_ga	2 years	Used to distinguish users.
_gid	24 hours	Used to distinguish users.
_ga_<container-id>	2 years	Used to persist session state.
_gac_gb_<container-id>	90 days	Contains campaign related information. If you have linked your Google Analytics and Google Ads accounts, Google Ads website conversion tags will read this cookie unless you opt-out. Learn more.

visitor_id<accountid>	The visitor cookie includes a unique visitor ID and the unique identifier for your account. For example, the cookie name visitor_id12345 stores the visitor ID 1010101010. The account identifier, 12345, makes sure that the visitor is tracked on the correct Pardot account. The visitor value is the visitor_id in your Pardot account. This cookie is set for visitors by the Pardot tracking code.
pi_opt_in<accountid>	If Tracking Opt-in preferences is enabled, the pi_opt_in cookie is set with a `true` or `false` value when the visitor opts in or out of tracking. If a visitor opts in, the value is set to `true`, and the visitor is cookied and tracked. If the visitor opts out or ignores the opt-in banner, the opt-in cookie value is set to `false`. The visitor cookie is disabled, and the visitor is not tracked.
visitor_id<accountid>-hash	The visitor hash cookie contains the account ID and stores a unique hash. For example, the cookie name visitor_id12345-hash stores the hash “855c3697d9979e78ac404c4ba2c66533”, and the account ID is 12345. This cookie is a security measure to make sure that a malicious user can’t fake a visitor from Pardot and access corresponding prospect information.
lpv<accountid>	This LPV cookie is set to keep Pardot from tracking multiple page views on a single asset over a 30-minute session. For example, if a visitor reloads a landing page several times over a 30-minute period, this cookie keeps each reload from being tracked as a page view.
pardot	A session cookie named pardot is set in your browser while you’re logged in to Pardot as a user or when a visitor accesses a form, landing page, or page with Pardot tracking code. The cookie denotes an active session and isn’t used for tracking.