Notifications
Announcements
No record found.
Hello, we're looking to better secure our Dynamics 365 instance, and we're wondering what were good options for logging admin events and auditing user activity? has anyone used Microsoft Cloud App Security with Dynamics 365 finance and Operations before? Is there a good way to integrate with a Security Information Event Management system (SIEM)
Hi herzogjy,
What exact events do you want to log? Note that a system administrator has access to all data and forms. I do assume you want to mitigate possible security risks. What risks have you identified to start this question?
Hi Thanks for the reply, yep we want to track all admin and user activity when either admin settings are changed or objects are changed, our main goal is to feed these logs into a SIEM platform and develop alerting based on anomolous activities,
Some possible use cases
Batch user updates,
New Admin accounts created
User Privlige changes,
Users attempting to access items they do not have privileges for.
Hi Herzogjy,
To get the information, you might need to enable database logging on certain tables or add customizations. Using the database log for monitoring all actions performed by users with system administrator access would be cumbersome as it is a table logging; not restricted by users. It might generate too many records.
The last option would not be possible as they will not see the menu items they don't have access to.
Hi herzogjy
Here is a link to an article about database logging that Andre mentioned. I'm not aware of something else to assist you.
docs.microsoft.com/.../configure-manage-database-log
Hi,
I am a little surprised to see that a request for such a standard thing as taking events from CRM out to SIEM is such a surprise here. Like what kind of lunatic would ever need that?
Well, for one part data privacy legislations (most famous one being GDPR in EU) demand to have proofs who, when and why accessed customer (sensitive) data, second, security best practices dictate to move these "proofs" outside of the system that is to be monitored (integrity, non-repudiation and segregation of duties principles).
So if someone could answer this simple question: can we in this Dynamics CRM get an audit trail which end-user did what? Like what he/she searched for or which data he/she exported from CRM. And I am not even asking for such a trivial/complex thing as - "who viewed which client's data". All that without bringing the database to its knees.
If that's impossible or too much trouble to implement by some heavy customisation, then there's something wrong with this CRM.
Hi Arnie,
You are talking about CRM. The question was related to Dynamics 365 Finance and Operations which is an ERP solution. In this application, there is an option to enable logging for access to private details. This is part of an Estonian localization which can be enabled by creating a new (dummy) legal entity with localization Estonia or primary country Estonia.
If you want to verify your thoughts for Dynamics CRM, you can better ask a question on the CRM forum: community.dynamics.com/crm
Oops, sorry, I have misread this, I was really talking about CRM. Cheers.
Under review
Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.
As AI tools become more common, we’re introducing a Responsible AI Use…
We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…
These are the community rock stars!
Stay up to date on forum activity by subscribing.
Martin Dráb 664 Most Valuable Professional
André Arnaud de Cal... 522 Super User 2025 Season 2
Sohaib Cheema 303 User Group Leader
