PCI Access Audit Log

PCI DSS compliance section 10.5 requires centralization of Logs in a common log management process. The intent from the PCI council is that you could view access to login/out and card data in TM along with firewall access changes, admin access to a machine or server in a consolidated view.

You can export the logs from TM in Excel or tab delimited format and move them to your centralized logging mechanism.

The Access Audit Log is a critical part of PCI Compliance. It provides a method of electronically tracking when users

  • Log in to the database
  • Log out of the database
  • Made too many attempts to log into the database and were subsequently locked out
  • Access credit card data
  • Use Manager overrides for payment acceptance
  • Ran specific payment reports containing secure data
  • TM creates audit transactions with the codes AT, ALI, ALO, ALX, ALM, and AC. When you run a report, look for these codes to identify audit transactions.
  • And access other sensitive areas of the database
  • Specifically, the Access Audit Log establishes a process for linking all access to system components to each individual user – especially access done with administrative privileges. It allows you to track and monitor all access to network resources and cardholder data as per PCI requirments.

    For more on PCI Compliance click here.

    The Access Audit log is located under the Setup >> Users & Access >>Access Audit Log menu.

Access Audit Window



Parts of the Access Audit Window

Opens the selected transaction to view details. You may also simply double click on the transaction in the list.
Prints the list as shown.
Exports the list.
Displays the patron record to whom the transaction is attached.
Seq # The Sequence number of the transaction.
Trans Date The date and time of the transaction.
Journal # If the transaction affected the General Journal, the Journal number that was affected.
Code The transaction code used to identify the specific transaction.

TM creates audit transactions with the codes AT, ALI, ALO, ALX, ALM, and AC.

When you run a report, look for these codes to identify audit transactions.

Transaction Description A translated description of the transaction code.
Order # If the transaction affected a specific Order, the order number willbe listed here.
Play If the transaction affected a specific play, the play code will be listed here.
Performance If the transaction affected a specific performance, the performance code will be listed here.
Type Whether the transaction is auditable.
Description of Entry A more detailed listing of the transaction, including the User name who affected the transaction.

Transaction Detail Window



Parts of the Transaction Detail Window

Displays the patron record to whom the transaction is attached.
General Information Displays the
  • Type of transaction
  • Patron name
  • Date of Creation
  • Employee name who created the transaction
  • Revenue and Journal date
  • Transaction #
Transaction Detail Displays
  • What data was requested from the database
  • The Employee who permitted the data to be viewed (if it was an override from creating user)
  • What specific activity took place

Audit Search Options

There are many options for you to search for specific transactions. Using the drop-down list in the upper left corner, simply choose the criteria you wish to search by.



Options for searching the Transaction List

All Transactions Displays all transactions. Click on any column header to sort by that column.
Code The specific Transaction Code
Order # A specific order number. This may be helpful when diagnosing ledger transactions.
Journal # A specific General Journal number. This may be helpful when diagnosing ledger transactions.
Revenue Date A specific date of revenue. This may be helpful when diagnosing ledger transactions.
Seq # A specific Sequence number. This may be helpful when diagnosing ledger transactions.
Trans Date A specific transaction date. This may be helpful when examining a specific day or range of days.
Play #, #Perf, Tix #, Seat Code Use these to examine transactions based around a specific event.
Trans Patron #, Name/Company, Last Name, First Name, Company Use these to search for transactions generated by a specific patron record.
Play Title, Play, Performance Use these to search for transactions generated by a specific event.
Description, Campaign Name These will search for transactions generated by a specific donation campaign.
Merchant #, GL# These may be helpful when diagnosing ledger transactions.