Track and Monitor all Access

Integrator Notes

The ZnodeActivityLog table in the database will log user login attempts (as well as other activities). Access to this table is available directly through SQL Server. Logging to the database is done using the LogActivity method.

Znode also provides the facility to log events to the Data\Default\logs\ZnodeLog.txt file through the LogMessage and LogObject functions. This log file can be used for debugging purposes.

If you use either of these logging facilities for your own purposes you should not log sensitive credit card information.

Logging must be enabled in SQL Server to maintain PCI-DSS compliance. For more information on this see: http://technet2.microsoft.com/windowsserver/en/library/bac482ae-39c4-44b7-bd9f-291ab354ef2b1033.mspx?mfr=true

Configuration Notes

In a production environment application logging and diagnostics should be turned off. To turn off these features set the following in your web.config:

<add key="EnableDebugging" value="0"/>

<add key="EnableDiagnosticsPage" value="0"/>

<add key="EnableIntegrationTest" value="0"/>

<add key="EnableActivationPage" value="0"/>

Activity logging to the ZnodeActivityLog table in the database can not be turned off in the storefront. Disabling or modifying the logs is prohibited and will result in non-compliance with PCI-DSS.