-------- Original Message --------
Subject: Re: How to research DMSII lock/unlock requests
I agree that there is a need for DMSII to support tracking of read
access, but recording user access for either read or write is not the
function of the audit trail. Its purpose is to restore the data base to
a consistent state after a crash, a data rebuild, or a rollback. People
certainly use it for application-level issues like monitoring or
auditing updates, but that's not what it's for.
Another concern with adding read access logging to the audit trail would
be performance and resource consumption. Bandwidth to the audit trail is
already an issue for high-throughput data bases, or else we wouldn't
have partitioned audits. Read access logging would compound that issue
many times over.
A third concern is that even if you added read access logging to the
audit trail, in the general case that wouldn't tell you anything about
the user or device doing the read. In a COMS environment, for example,
the user that DMSII sees is that of the COMS TP, not the user submitting
the transaction. That information is normally available to the TP, but
presently there isn't any interface that passes that to DMSII.
A fourth, perhaps lesser, concern is that the audit trail is not a
linear record. There are times that it backs up and erases data that was
previously written. That could be a small number of records in the case
of an abort or halt/load recovery, or a whole lot of records in the case
of a rebuild or a rollback.
So while there's a real need for low-level access logging, I don't think
the audit trail is the place to record it. I suggest that there needs to
be an entirely separate mechanism, perhaps integrated with statistics
gathering, that could be optimized for time-linear recording of both
read and write access, and include the necessary task and end-user
identifiers.
Paul