Rule and data change auditing

The Pega Platform maintains a history of changes to certain data classes and rule types.

For example, you can record the name of the application rule that is referenced in an access group each time a user updates the Access Group form and adds, changes, or deletes an application rule name.

This capability, known as security audits, supports change auditing for sensitive fields on selected rule or data objects.

The details of each change are displayed in the History Details section and are summarized in several standard reports.

When enabled, each save operation on a rule instance or data instance (whether through a form or through an activity) triggers a standard activity. The activity compares the current values of the tracked properties with their previous values, and writes a history detail instance for each value that was added, deleted, or updated. The history detail identifies the following items:

  • The property name
  • The values added (if any are added)
  • Changed values (the from value and the to value) (if any change)
  • The deleted values (if any are deleted)

For aggregate properties, the history details identifies the following items:

  • Two entries when a value is changed: one entry about deleting the prior value and another about adding the new value.
  • Only one level of nested PageList mode properties, because only one level is supported. Nested PageGroup mode properties are not supported.

The system saves rule changes as an instance of the History-Rule class. Changes to data instances are saved in an instance of a subclass of the History-Data- class. For example, the system records changes to access groups ( Data-Admin-Operator-AccessGroup ) in instances of the History-Data-Admin-Operator-AccessGroup class.