Auditing overview
Dataverse auditing provides capabilities to meet the external and internal auditing, compliance, security, and governance policies that are common to many enterprises. Dataverse auditing logs changes that are made to records and logs user access. Developers can use the tables and APIs that support the auditing feature to create client applications or programmatically interact with auditing data.
Important
For a complete description of the auditing concepts, capabilities, how it is exposed in apps, and tasks for administrators, see Administrators Guide: Manage Dataverse auditing.
This content for developers expects that you are already familiar with the documentation for administrators. The Dataverse tables and APIs provide the functionality to support the clients used by administrators and apps.
You can use Dataverse tables and APIs to:
- Retrieve and change organization settings for auditing.
- Detect which tables and columns are enabled for auditing.
- Enable or disable tables and columns for auditing.
- Retrieve a history of audited data changes.
- Delete audit data.
Organization settings
The Organization table contains properties that control how auditing is enabled for an environment.
You can retrieve column values to determine:
- Whether auditing is enabled for the environment.
- The number of days to retain audit log records.
- Whether user access logging is enabled.
- The interval that controls how often user access is logged.
If you have system administrator or system customizer roles, you can update these values to change the auditing behavior.
More information: Configure organization settings
Table and column settings
When auditing is enabled for the organization, the tables that are enabled for auditing will begin writing audit data when data changes.
When auditing is enabled for a table, the columns that are enabled for auditing will be included in the audit data.
You can use Dataverse APIs to query the table and column definitions to determine which tables and columns are enabled for auditing.
If you have system administrator or system customizer roles, you can update these values to change the auditing behavior.
More information: Configure tables and columns
Retrieve audit history
Audit history data is stored in the Auditing (Audit) table. You should use the following messages to retrieve detailed audit history data:
| Message | Description |
|---|---|
RetrieveAuditDetails |
Retrieve the full audit details from an audit record. |
RetrieveAttributeChangeHistory |
Retrieves the change history for an single column of an audited record. |
RetrieveRecordChangeHistory |
Retrieve all audited data changes for a specific record. |
More information: Retrieve the history of audited data change
Delete audit data
You may need to delete audit data because:
- You need to comply with a request from a customer to delete their history.
- You want to use less log capacity space.
Note
You cannot directly delete records in the Auditing (Audit) table
Dataverse provides the following messages to delete audit history data:
| Message | Description |
|---|---|
DeleteRecordChangeHistory |
Deletes all the audit change history records for a particular record. |
BulkDelete |
Asynchronously deletes records identified by a query. This message can be used to delete large numbers of audit records without blocking other activities. |
DeleteAuditData |
For customers using customer managed encryption keys this message deletes all audit data records up until a specified end date. |
More information: Delete audit data
See also
Administrators Guide: Manage Dataverse auditing
Configure auditing
Retrieve the history of audited data changes
Delete audit data
意見反映
提交及檢視以下的意見反映: