Share
ReportIt doesn't look like there is a way to audit whether a user simply looks at a record but doesn't take any action beyond that. Can anyone confirm?
*This post is locked for comments
You’re offline. This is a read only version of the page.
789
It doesn't look like there is a way to audit whether a user simply looks at a record but doesn't take any action beyond that. Can anyone confirm?
*This post is locked for comments
rthompson,
Thanks you for all your help. I found a way in the Office 365 Security center to audit "read" of Dynamic records. It's not very user friendly, but the information is there.
However, I am still needing log more granular events, which is why using javascript to update the audit log interests me. Let's say, for instance, we have a confidential record and onload of that record we display a JavaScript window.confirm that says "This is confidential record - press Continue to view or Cancel to go back." We would want a record of everyone who pressed cancel versus pressed continue. This activity would not be normally audited.
We cannot use security roles to accomplish this, for many reasons that go beyond the scope of this post. However, one idea I have is that we create a task for every user that presses "continue" to view the confidential information. A supervisor can see all tasks, and the creation of the task would be audited.
Hi Ben,
After thinking over what you are trying to do. I think it might be better to create your own audit entity to track users accessing entities.
Because of the different types of auditing you can do in the system. I would not suggestion creating a custom audit log.
So I would create a function in your loadForm() event that could do a web api POST to your entity log. This should be very simple. I would create to 3 new fields.
1) EntityName
2) Guid Id
3) Update the "new_name" field with the "Name" information on the record that is being access.
This is simple and will give you what you want.
However, if you are on 365 online. They do have a way to do this already.
https://docs.microsoft.com/en-us/dynamics365/customer-engagement/developer/auditing-overview
The following list identifies the data and operations that can be audited:
Create, update, and delete operations on records.
Changes to the shared privileges of a record.
N:N association or disassociation of records.
Changes to security roles.
Audit changes at the entity, attribute, and organization level. For example, enabling audit on an entity.
Deletion of audit logs.
When (date/time) a user accesses Dynamics 365 for Customer Engagement apps data, for how long, and from what client.
Enabling or disabling of field level security by setting the IsSecured attribute cannot be audited.
No - what is this? We need a history of changes to records that go beyond update, create, and delete. I am most curious to know how javascript can be used to update the audit table as you mentioned. Have you done this before?
You can enable read access and view the logs through Office 365 Security & Compliance Portal.
This is a nice post explaining it:
www.henryjammes.com/.../audit-user-read-access-to-dynamics-365.html
Here what you can audit.
https://www.qgate.co.uk/knowledge/managing-audit-logs-in-microsoft-dynamics-crm/
However, add a javascript on the load form event and add logic to update the audit log table to track when are user is accessing a record in CRM.
#1
André Arnaud de Cal...
292,516
Super User 2025 Season 1
#2
Martin Dráb
231,399
Most Valuable Professional
#3
nmaenpaa
101,156
All responses (
Answers (
