GDPR Compliance

Adabas on Linux and Windows stores the following personal data in log and audit files:

  • Hostname of the machine

  • User Identification (Local system credentials)

Therefore, so that your applications can be GDPR compliant, it is important for the Adabas administrator to be aware of the following files where personal data may be stored.

  • Adabas Role-based Security

  • Adabas Audit Trail

  • Adabas Command Log

  • Adabas Log file

Basic Actions to be taken

It is the responsibility of the database administrator to configure and delete files containing personal data. Adabas does not provide functionality to automatically delete personal data.

To ensure that personal data is not stored, the following is recommended:

  • Disable logging features (when possible)

  • Define a schedule and procedure to delete log files

The location and configuration of the database features storing personal data are described below.


Adabas Role-Based Security

When the Adabas Role-based Security feature is enabled, the following personal data is stored in the RBAC system file as a security definition:

  • User Identification

This information is required and is used to determine the access privileges of a user.

Use the utility ADARBA to manage the security definitions.

Adabas Audit Trail

When the Adabas audit trail feature is enabled, the following personal data is logged:

  • User Identification

  • Hostname of the Adabas client

  • Process Identification

  • Timestamp of Access Request

  • ET data

  • Name of the access operation and the object of the operation

The location and configuration of the audit trail is feature-specific, for further information:

  • Authentication and Authorization for the Adabas Direct Call Interface
    Please refer to Configuration in the section Adabas Role-Based Security (ADARBA).

  • Authorization for the Adabas Utilities
    Please refer to the section Location of Configuration and Logging Files under Configuration of Adabas Role-Based Security in the Adabas Extended Operations documentation.

The Audit Trail for Authorization for the Adabas Direct Call Interface is automatically enabled with the feature and cannot be disabled.

Adabas Command Log

When the Adabas Command Log feature is enabled, the following personal data is logged:

  • User Identification

  • Hostname of the Adabas client

  • Process Identification

  • Timestamp

  • Adabas Command

When enabled, a command log file is created in the database directory. The file is identified by the value of the environment variable NUCCLG. The file can have multiple extends.

The Adabas Command Log feature can be enabled or disabled via the LOGGING control parameter of either utility:

  • ADANUC

  • ADAOPR

Please refer to either the ADANUC or ADAOPR section of the Adabas Utilities, for further information on the LOGGING control parameter.

Adabas Log File

When the Adabas log feature is enabled, the following personal data is logged:

  • User Identification

  • Process Identification

  • Timestamp

  • Name of the Adabas Utility with the requested function

The configuration file ADABAS.INI contains the location and configuration of the Adabas log file.

By default, the file name is $ADADATADIR\etc\ADABAS.LOG. The logging functionality is configured using the topic NODE_PARAMETER and its subtopics:

Subtopic Description
ANALYSER Enable the Adabas Extended Operations (AEO) feature
LOGGING The Adabas log file is configured with the items:
  • ACTION - enables logging and

  • LOG_PATH - defines the file location

ARCHIVE_LOGFILE Enables the archiving of the Adabas log file
ALERT The Adabas log file entry can be processed by an alert routine. This is enabled and configured with the items:
  • ACTION - enables alert processing and

  • ACTION_ROUTINE - defines the alert routine

Please refer to the section ADABAS.INI under Configuration Files in the Adabas Extended Operations documentation, for further information on the location and configuration of the Adabas log file.