Skip to main content

Application auditing - an example why I don't work at the weekend...

Ever had a situation where you're OLTP requirements are impeded by your OLAP implementation, well to put it another way - have you ever come across an auditing solution that causes transactions to timeout when you're trying to save data into your production database.

Well the answer for me is far to often for my liking and this is an example of 'synchronous auditing' and I believe this is an anti-pattern in the making. I'm firmly in the camp that believes auditing should be done asynchronously by a different (application) process. The reasons why I think it's an anti-pattern is because, if how you audit affects the performance of your production database then your performance is going to degrade overtime, and if you insert 500,000 audit records a day that's going to occur relatively quickly. Now DBAs would say lets put a maintenance plan in place to clear down\manage the audit database, or even remove the synchronous auditing and perform a batch load once a week out of normal days operation - AT THE WEEKEND OR AFTER HOURS...

I'm not going to support a such a process or help out when such a process fails to bring the production system back online because the batch load failed - MY WEEKENDS ARE FOR ME...

I design auditing systems that allow production-time maintenance of OLAP databases with no affect to OLTP databases and this is achieved by asynchronous auditing via transactional message queues.

You design your application such that when you need to create an audit record for a user\system action you write this to a message queue transactionally as part of the behaviour (business requirement). There is then another independent process monitoring & processing the audit records (in the message queue) into the OLAP database, it's important this process can be controllable so that it can be disabled when ever the OLAP database requires maintenance, i.e. DURING WORK HOURS NOT AT THE WEEKEND. Whilst the process is disabled the audit records will just accumulate on the message queue and as long as disk space is available you won't loose anything - (RAIDing etc).

Auditing user\system actions is always business requirement - we don't track what user\system do for our benefit so why do it as an after thought...

Oh and you can probably guess I hate triggers on tables too ;)



Awkward Coder

Comments

Popular posts from this blog

Implementing a busy indicator using a visual overlay in MVVM

This is a technique we use at work to lock the UI whilst some long running process is happening - preventing the user clicking on stuff whilst it's retrieving or rendering data. Now we could have done this by launching a child dialog window but that feels rather out of date and clumsy, we wanted a more modern pattern similar to the way <div> overlays are done on the web. Imagine we have the following simple WPF app and when 'Click' is pressed a busy waiting overlay is shown for the duration entered into the text box. What I'm interested in here is not the actual UI element of the busy indicator but how I go about getting this to show & hide from when using MVVM. The actual UI elements are the standard Busy Indicator coming from the WPF Toolkit : The XAML behind this window is very simple, the important part is the ViewHost. As you can see the ViewHost uses a ContentPresenter element which is bound to the view model, IMainViewModel, it contains 3 child v

Showing a message box from a ViewModel in MVVM

I was doing a code review with a client last week for a WPF app using MVVM and they asked ' How can I show a message from the ViewModel? '. What follows is how I would (and have) solved the problem in the past. When I hear the words ' show a message... ' I instantly think you mean show a transient modal message box that requires the user input before continuing ' with something else ' - once the user has interacted with the message box it will disappear. The following solution only applies to this scenario. The first solution is the easiest but is very wrong from a separation perspective. It violates the ideas behind the Model-View-Controller pattern because it places View concerns inside the ViewModel - the ViewModel now knows about the type of the View and specifically it knows how to show a message box window: The second approach addresses this concern by introducing the idea of messaging\events between the ViewModel and the View. In the example below

Custom AuthorizationHandler for SignalR Hubs

How to implement IAuthorizationRequirement for SignalR in Asp.Net Core v5.0 Been battling this for a couple of days, and eventually ended up raising an issue on Asp.Net Core gitHub  to find the answer. Wanting to do some custom authorization on a SignalR Hub when the client makes a connection (Hub is created) and when an endpoint (Hub method) is called:  I was assuming I could use the same Policy for both class & method attributes, but it ain't so - not because you can't, because you need the signatures to be different. Method implementation has a resource type of HubInnovationContext: I assumed class implementation would have a resource type of HubConnectionContext - client connects etc... This isn't the case, it's infact of type DefaultHttpContext . For me I don't even need that, it can be removed completely  from the inheritence signature and override implementation. Only other thing to note, and this could be a biggy, is the ordering of the statements in th