web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / Extending audit functi...
Microsoft Dynamics CRM (Archived)

Extending audit functionality to include read access to Cases

(0) ShareShare
ReportReport
Posted on by Community Member

We have a Dynamics CRM 2013 on-premise system which is used to store very sensitive client information.

Although everything is audited in terms of changes, creation, and deletions, via the built-in CRM audit functionality, in the interest of having full assurance, we would like to make sure that any access by users even just to view the Case details (i.e. without changing anything) would be audited as well. 

What is the simplest/best way of achieving this audit, either through CRM built in functionality, or failing that, perhaps directly using features of the SQL server? We are running SQL Server 2008 Standard Edition.

Thanks.

*This post is locked for comments

I have the same question (0)
  • Suggested answer
    M.Azwar Alam Profile Picture
    M.Azwar Alam on at

    Hi,

    Dynamics CRM built-in audit feature provides the audit history on record creation and updating. You cannot have audit detail if user has open the case record for view only purpose. To achieve this functionality you need customize the CRM using plugin. Check following link

    https://community.dynamics.com/crm/f/117/t/105348#.UbWzivlwqSo

    Mark answer as verified, if it works for you

  • Suggested answer
    Ryan Maclean Profile Picture
    Ryan Maclean 3,070 on at

    If you don't want to register a plugin, you could add a read-only field to your form called "last User accessed" that has a lookup to the User entity, then use a simple bit of Javascript onload to update the field.  See crmbusiness.wordpress.com/.../crm-2015crm2013-javascipt-to-get-the-current-users-name for tips on how to achieve this

  • Suggested answer
    Drew Poggemann Profile Picture
    Drew Poggemann 4 on at

    Hi Excalibur2811,

    This would be very tough from Dynamics CRM because there are multiple ways they can get at this information including:

    1.  Advanced Find

    2.  Custom Report

    3.  Excel through OData or DB connections

    and probably others...

    To really track if someone is viewing details on the record you would probably want to trace anything that is querying from the SQL database table with this information.

    docs.microsoft.com/.../sql-server-audit-database-engine

    solutioncenter.apexsql.com/auditing-select-statements-on-sql-server

    Hopefully this helps!

    Thanks,

  • Community Member Profile Picture
    Community Member on at

    Old thread, but have a quick question.  If we audited using SQL, any idea how we would be able to indicate which CRM user was initiating the SELECT call?  

    Wouldn't all calls be attributed to the application's identiy (ie. App Pool User)?

    Cheers.

  • Suggested answer
    Dynamics365 Rocker Profile Picture
    Dynamics365 Rocker 7,755 on at

    If a user open a case form that can be audited by writing script on "onload" event.

    You have to create a custom entity and save user name who viewed case details in this entity. This can be achieve from script.

    But users still have options to view case data from advanced find.

    You can also control view access from security role, in this scenario users will have read access on case or they will not have read access.

    You can also use "Access Team" feature, In this feature user can view case if they are member of access team

  • Drew Poggemann Profile Picture
    Drew Poggemann 4 on at

    Hi Mugs,

    If you are online Microsoft has now enabled the ability to track "view" of records.

    community.dynamics.com/.../enable-read-auditing-in-dynamics-crm-365

    Hope this helps.

  • Community Member Profile Picture
    Community Member on at

    Unfortunately we're on-prem.  Is plan for this to remain online-only?  Or will it be out in next on-prem update (hoping this fall!)?

  • Community Member Profile Picture
    Community Member on at

    @Rocker, the advanced find is the problem.  Sounds like this has been a long requested feature.  Just hope it's coming to on-prem soon.

  • Dynamics365 Rocker Profile Picture
    Dynamics365 Rocker 7,755 on at

    But If you control access from security role or access team then Advanced find is not a problem.

  • Community Member Profile Picture
    Community Member on at

    Correct.  But requirement is coming from client to allow access while auditing views.  Damn clients.. lol.. will remain a CRM limitation for now.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > 🔒一 Microsoft Dynamics CRM (Archived)

#1
SA-08121319-0 Profile Picture

SA-08121319-0 4

#1
Calum MacFarlane Profile Picture

Calum MacFarlane 4

#3
Alex Fun Wei Jie Profile Picture

Alex Fun Wei Jie 2

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans