Function1

The Audit Manager is a reasonably powerful tool for tracking system events in the portal. By default, it’s not turned on, but at very least it should at least be activated to track security events. Tracking user logins is also possible, but can quickly fill up the event log in the database (PTAUDITMSGS table).

To turn on Audit Logging, go to Administration: Select Utility: Audit Manager.  There you can configure which events are logged, and how long to keep them in the database.  After events are purged from the database, they are stored on the file system for a longer period of time.  You can specify where these files are stored when the "Audit Log Management" job runs.  Keep in mind that this job is run by the automation server, and will have the credentials of that automation server.  For that reason, if the Automation Service runs as the SYSTEM user, it won’t be able to access a network path to store the files.  But if you have multiple Automation Servers, you won’t want to use a local file system to store the logs because they’ll end up on different systems depending on which Automation Server ran.

It’s also interesting to note that the PTAUDITMSGS table is in a pretty simple format, so it may be possible to write your own portlets querying this table to display certain events (like “recent security changes in the portal”).