Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Suggest an Idea

Vote for your favorite Qlik product ideas and add your own suggestions.

Announcements
This page is no longer in use. To suggest an idea, please visit Browse and Suggest.

Control of information received by the User when exporting a file containing confidential or protected information from the qlikview web application.

novikov_sv
Contributor II
Contributor II
‎2021-01-12 02:06 AM

Control of information received by the User when exporting a file containing confidential or protected information from the qlikview web application.

The problem:

In order to control of sensitive or protected information received by the Users  from the qlikview web application, the information security administrator needs the ability to compare user actions in logging files and the name of the downloaded file.

What we have:

QlikView Build Info: release/QV12-40/63

When a user exports a file from the qlikview web application, the server creates the file in a folder ..\ProgramData\QlikTech\qlikviewserver\Temp and then passes it to the user's machine. An entry is made in the audit file about the export of the file. However, it is not possible to uniquely match the name of the downloaded file and the entry in the audit file.

The proposed solution:

We suggest adding a field containing the name of the downloaded file to the logging file, and adding a session ID to each file name. This structure will allow you to uniquely determine the type and volume of information downloaded by the user. In order for this system to work, we need to create an application that transfers the downloaded files from ..\ProgramData\QlikTech\qlikviewserver\Temp to the archive database

We ask for help in solving the problem.

Status: Closed - Declined Submitted by Contributor II on ‎2021-01-12 02:06 AM
Labels
Tags (1)
263 Views
1 Comment
Yuliya_Kiperberg
Employee
Employee
‎2021-07-27 01:26 PM
Thank you very much for your feedback, we really appreciate it!
 
The temp file contains the information you're looking for, with the exception of the file name and session ID. We have purposely excluded this information as it would pose a security risk to the users and their information. We've also decided to use a temp file for information regarding exported data, which is automatically cleaned up, to ensure we're not storing a massive amount of data and causing performance issues.
 
While we understand the use case you're presenting, we feel our current implementation is the safest and best way to go.
Status changed to: Closed - Declined
Subscribe by Topic