Introduction

Data is key to any business. Whether customer details like phone numbers, and addresses or project tasks such as completion dates or notes. Keeping on top of this ever-changing information can be stressful. When was something changed, who changed it, and what was changed from and to? This is where Dataverse Audit functionality comes into play.

Setting up Dataverse audits

Understanding

Yes, keeping an audit is important for many reasons. However, before setting up audits within the power platform, it’s important to understand what you want to achieve with this information. Such as what regulations or legislations you are trying to cover. How much information do you need to achieve this outcome? Do you need to keep audit records from all your environments or just production? Do you need to include all the tables for a given solution or just some? Importantly how long are you planning/needing to keep the audit data for and who will have access to it?

Although, by no means are the questions above an exhaustive list by answering these and similar questions, we can devise a robust audit process for the solutions we are developing within our power platform estate.

Dataverse Audit

With a robust audit process administrators can use Dataverse audit tools to satisfy internal and external audit, compliance, security and governance requirements. Auditing is supported across all custom and most customisable tables within an environment. The logs are stored in the log storage of the Dataverse instance thus it is important to know which tables have records which need to be audited, which are nice to have and which don’t require auditing. Along with the length, of time that data as a whole needs to be kept.

Environment

To begin saving the changes made to the records in your apps using the in built power platform audit tools. We first have to enable it on the target environments. First, navigate to your admin centre.

The power platform allows an administrator the ability to choose which environments will record auditable information and which won’t. In this example, we will navigate to our chosen environment and turn on the audit tools.

Audit settings are under the Audit and Logs section within the settings menu. This menu item can also be found by searching ‘Audit’ in the search bar.

There are several tick box options in the audit settings for administrators to choose from, these are:

Start Auditing

This as the name suggests is the option to begin auditing the information stored in the chosen environment.

Log Access

This option keeps a log of when users access the system. Normally by the process of logging into it.

Read Logs

This allows the logs to be sent to Audit – Microsoft Defender, a feature that records and logs various activities performed within the Microsoft Defender security platform, allowing administrators to review and investigate actions taken by users, devices, or the Defender system itself.

As we as the options above, it is within this setting that administrators can pick the retention time frame, this option should reflect the requirements outlined in their audit process. There are a total of 8 choices.

• 30 Days
• 90 Days
• 180 Days
• One Year (365 Days – Not a calendar year)
• Two Years
• Seven Years
• Custom
• Forever

After saving the desired options, auditing will be turned on for the chosen environment. Although we have now turned on auditing we have a further step to be able to record the changes to table records. This is to enable auditing on our chosen tables.

Tables

Each table which requires auditing will need to have the audit setting switched to true. To do this, navigate to the table in question, and click on properties.

Then in the properties menu click advanced options and then ‘Audit changes to this data’.

Conclusion

In conclusion, setting up Dataverse audits within the Power Platform is crucial in maintaining the integrity and security of your business data. By carefully selecting which environments and tables to audit, and configuring appropriate retention periods, this will ensure that you meet compliance and governance requirements while also keeping track of important changes. With the audit functionality in place, you can confidently manage your data with the assurance that any changes are recorded and can be reviewed as needed. You can learn more about Dataverse auditing here.