There are three levels where auditing can be configured: organization, entity, and attribute. The organization level is the highest level, followed by the entity level, and finally the attribute level. For attribute auditing to take place, auditing must be enabled at the attribute, entity, and organization levels. For entity auditing to take place, auditing must be enabled at the entity and organization levels.
There is a slight difference in how auditing is enabled or disable for an organization compared to an entity or attribute. You enable or disable auditing at the organization level by setting a particular attribute value of the organization record. However, for entities and attributes, you set a property value of the entity or attribute metadata.
A user must be assigned the System Administrator or System Customizer role to enable or disable auditing.
By setting the
IsAuditEnabled property of an entity’s metadata and the
IsAuditEnabled property of each desired attribute’s metadata to
true, data changes to records of those entities can be logged by the platform. However, when enabling auditing on an entity, all of the entity’s attributes are enabled
for auditing by default. Of course you can explicitly disable auditing on any or all of the attributes as needed. The
IsAuditEnabled property can be set when entity or attribute metadata is created or updated through the following requests:
After changing the entity attribute metadata, you must publish the entity by using PublishXmlRequest. Changing the IsAuditEnabled property at the entity level does not require publishing. Typically, customization and publishing is performed by the same user. However, if these tasks are performed by different users, auditing will record the publish action, the user that initiated the publish operation, and not the update action.
In addition, auditing is enabled at the organization level by setting the
IsAuditEnabled attribute value of the target organization record to
To disable auditing, just set
IsAuditEnabled, as described previously, to
false. Publish the entity customizations if you have disabled auditing on any attributes. You can disable auditing for a whole organization by setting the
IsAuditEnabled attribute to
false in the target organization’s record.
All custom and most customizable entities can be audited. For a list of customizable entities, see Which Entities are Customizable?.
The following table lists the non-customizable entities that cannot be audited. This table was obtained by testing for a
CanModifyAuditSettings attribute value of
false on each entity’s metadata.
The Auditing.sln file contains the following code samples.
For more information about the requirements for running the sample code provided here, see Use the sample and helper code. This sample requires the logged on user to have the System Administrator role.
The sample demonstrates how to enable and disable auditing on an entity and its attributes, retrieve the data change history of the audited entity, and delete the audit records.
See the Program.cs sample file.
The sample first enables user access auditing with the logged on user’s organization. Next, it creates and modifies an account entity so that audit records are generated. Finally, the sample displays the audited information.
See the UserAccessAuditing.cs sample file.