Scribd Logo
Fazer o upload

Bem-vindo(a) ao Scribd!

  • WhoDunnit HyperionMurderMystery

    Enviado por

    parmitchoudhury
    124 visualizações38 páginas
    Hyperion

    Direitos autorais

    © © All Rights Reserved

    Formatos disponíveis

    PPTX, PDF, TXT ou leia online no Scribd

    Você considera este documento útil?

    Este conteúdo é inapropriado?

    Denunciar este documento
    Hyperion

    Direitos autorais:

    © All Rights Reserved
    Baixe no formato PPTX, PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    124 visualizações38 páginas

    WhoDunnit HyperionMurderMystery

    Enviado por

    parmitchoudhury
    Hyperion

    Direitos autorais:

    © All Rights Reserved
    Baixe no formato PPTX, PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    de 38

    Whodunnit?

    A Hyperion Murder Mystery


    Casey Ratliff, System Architect
    Jon Harvey, EPM Practice Lead
    HUGMN TechDay
    03/19/14

    eCapital Advisors Overview


    Oracle/ Hyperion/ OBIEE
    Strategic assessments & technology roadmaps
    Project Managers with extensive implementation
    experience
    Business consultants with planning, financial
    reporting & consolidation delivery experience
    Certified Oracle Planning, Essbase, HFM, OBIEE
    Consultants
    Customer enablement services (training, hosting,
    extended support and managed services)
    Employee lead engagements with minimal
    contractor utilization
    Board of Director Advisors to the MN Hyperion
    User Group

    eCapital Advisors Overview


    Founded in 2001 Profitable every year in business
    Performance management consulting firm
    Over 250 performance management customers
    eCapital Advisors employees:
    Dedicated to Enterprise Performance Management
    and Business Analytics, helping client better
    understand business drivers
    Proven record and high customer satisfaction
    Experience across a variety of industries and have
    worked with companies of all sizes

    2013 Inc. Magazine


    Inc. 5000 award: #1558

    2013 MSP Business Journal


    Fast50 award winner, #17

    eCapital Oracle BI & Hyperion Client Sampling

    Agenda

    Well, agenda ruins the fun of it


    Key points were going to cover

    Who changed the system?


    Who changed data?
    Who changed the application objects?
    New functionality in 11.1.2.3

    Why audit?
    Why are systems audits important?
    Mandated by data set
    Prevention of malicious acts
    Useful for troubleshooting
    The perils of not auditing?

    Our story begins

    Our story begins


    We know that our nightly batch completed successfully at 10PM

    Batch runs metadata updates, redeployment and calc scripts

    Our first suspect


    Was it:

    Who: Col. Mustard


    Where:
    Server console
    Weapon: The EPM Configurator

    Windows Event Viewer


    Security log failures
    System reboot
    Backup conflicts

    EPM Deployment Report


    Architecture
    Configurations
    Changes to Registry

    Digging in
    While the IT department continues to troubleshoot

    The system is up and running fine now, but our tie outs are hosed

    Who changed the data?

    Data audit options available to us


    SSAUDIT
    Planning Data Audit

    Lets take a look at both

    SSAUDIT

    Essbase.cfg setting
    Tracks Essbase writes only

    SSAUDIT
    Generates 2 files
    Generates an ALG and ATX file

    SSAUDIT
    ALG File
    History records from every update transaction
    Includes user name, time stamp, and number of updated rows

    SSAUDIT
    ATX File
    Transaction records in a format that can be used as the input
    source for data load

    Planning Data Audit


    11.1.2.0, 11.1.2.1 (AdministrationApplicationReports)

    11.1.2.2 (ToolsReports)

    Planning Data Audit

    Planning Data Audit

    When we look into our audit table

    Our next suspect

    Who: Nick Chihak


    Where:
    Planning App
    Weapon: Data Form

    The Plot Thickens

    Who would try to frame Nick???

    Shared Services Audit Reports


    What information is available to us in Shared Services?

    Shared Services Audit Reports


    The catch not enabled by default

    Looking back, the fake ID only changed one YearTotal dollar amount,
    but our variances are much bigger.

    Could calcs or other objects have been changed?

    Now what?
    We know the batch completed successfully, like it always does
    The nightly batch does a bunch of stuff, including:
    Imports Metadata
    Redeploys the application
    Runs calc scripts
    Runs report scripts
    Lets take a look at what information is available to us about these
    objects change histories

    Were Objects Modified? (Planning)

    Were Objects Modified? (Planning)

    Were Objects Modified? (Calc Manager)


    No history of changes, but has user ID and date

    Were Objects Modified? (Essbase)


    No history, no user ID, only update date

    Where do we look next?


    One of the first places we should have looked, EAS:

    Half of the Entity dimension is missing!

    Were Objects Modified in EPMA?


    We found our culprit!

    The Culprit
    It was:

    Who: Jim Farley


    Where:
    Dimension Library
    Weapon: Import Profile

    11.1.2.3
    Fun exercise, but could have been a lot easier in 11.1.2.3
    New in Shared Services 11.1.2.3:
    Artifact Change Reports

    Artifact Change Reports

    Artifact Change Reports

    Q&A

    Você também pode gostar