Rule and data change auditing
Pega Platform maintains a history of changes to certain data classes and rule types. You can use this history to diagnose system issues and to demonstrate compliance to internal and external auditors.
For example, you can record the name of the application rule that is referenced in an access group each time a user updates the Access Group form and adds, changes, or deletes an application rule name.
This capability, known as security audits, supports change auditing for sensitive fields on selected rule or data objects.
The details of each change are displayed in the History Details section and are summarized in several standard reports.
When enabled, each save operation on a rule instance or data instance (whether through a form or through an activity) triggers a standard activity. The activity compares the current values of the tracked properties with their previous values, and writes a history detail instance for each value that was added, deleted, or updated. The history detail identifies the following items:
- The property name
- The values added (if any are added)
- Changed values (the from value and the to value) (if any change)
- The deleted values (if any are deleted)
For aggregate properties, the history detail identifies the following items:
- Two entries when a value is changed: one entry about deleting the prior value and another about adding the new value.
- Only one level of nested PageList mode properties, because only one level is supported. Nested PageGroup mode properties are not supported.
The system saves rule changes as an instance of the History-Rule class. Changes to data instances are saved in an instance of a subclass of the History-Data- class. For example, the system records changes to access groups ( Data-Admin-Operator-AccessGroup ) in instances of the History-Data-Admin-Operator-AccessGroup class.
- Enabling security auditing for a data class or rule type
You can record changes for single values and aggregate properties when you enable security auditing.
- Customizing the memo text for an audited rule
You can customize the memo text to provide a more detailed description of the change that was made to a rule or data object. Use field value rules to change the memo text that is displayed on the history details reports for a property.
- Auditing changes to aggregate properties
The history detail for aggregate properties does not indicate changed values as it does for single-value (scalar) properties. Instead, the history details shows two entries when a value is changed: one entry about deleting the prior value and another about adding the new value.
- Security event configuration
The security event configuration feature is part of security information and event management (SIEM) that combines security information management (SIM) and security event management (SEM). Use the Security Event Configuration landing page to configure the logging of security events so that you can diagnose system issues and demonstrate compliance to auditors.