Auditing Enhancements for Dynamics 365 CRM in Power Platform Admin Center

Audit Management has improved lately in the Power Platform Admin Center (https://admin.powerplatform.microsoft.com/), let’s review what’s new!

Auditing in Power Platform Admin Center

Given that you are in the Power Platform Admin Center, let’s look at an org CFT 158’s Audit Settings –

  1. You’ll now see an Auditing section in the environment –

  2. And if you click on Manage as shown below, you can see what all is Enabled / Audited.


    In Manage, you’ll see the below Auditing enabled and also how long the Audit Logs can be Retained for –

  3. And you can choose for a particular environment, as to how long you want to retain the logs for. Let’s say, you don’t want to retain Audit records for Sandbox environments for more than a certain time.

Audit Log Deletion

Now, you have the ability to select what Audit Logs you want to delete based on a certain Table, People/System or from selection of Dates. –

  1. Under the Free up capacity label in the Auditing summary on the Environment in PPAC, you’ll find a link for Delete logs.

  2. In this menu, you’ll be able to select what Audit Logs you want to delete.
    You can select from within a Table, Date selections or Access logs, by people and systems.



  3. Beginning to Date Range
    Now, let’s select by Date i.e. Deleting Logs from beginning and up to the selected Date.
    Now, these are the Audit records for a sample account.

  4. Now, I’ll select a Date i.e. 5th Jan – so, it’ll delete the Audit everything till 5th Jan (will leave 5th Jan probably because of the Timezone issue on my end.)


  5. And once you set this, you’ll be asked for confirmation.

  6. Once you confirm, a Bulk Delete System Job will run and look like below

  7. And if I check my System Jobs (It probably left out 5th Jan’s logs because of time zone not set correctly)
    And everything prior to 5th Jan will be deleted.

  8. So, to verify this, I added 1 more Auditing record and then ran another job for 6th Jan to verify if 5th Jan is deleted or not.

  9. And it deleted the 5th Jan records

  10. Table
    Now, you can also select a specific table/entity you want to delete Logs for.

  11. And select the Tables you want retaining others. I choose Contact for example.

  12. And it’ll ask for confirmation as well. Once I select Confirm, it’ll Delete Audit Logs only for Contact.


  13. And the third type is to delete the Access Logs.

    Note: Please note that at times, some Bulk Delete Jobs could be waiting to be submitted.

Hope this summary was useful!

Here are some more Dynamics 365 Administrator related posts you might want to check –

  1. Enable Plug-in Profiler in Settings area in SiteMap in Dynamics 365 | [Quick Tip]
  2. Disable Recent Records from Dynamics 365 Lookup Control | Model-Driven Apps [Quick Tip]
  3. Language format for Whole Number field in Dynamics 365 CE
  4. Custom Help Pages and Guided Tasks for Unified Interface in Dynamics 365
  5. Make Managed fields Required in Dynamics 365 – Managed Properties Error [Workaround] | D365 CE Quick Tip
  6. Sign up for a Dynamics 365 Project Operations (Lite Deployment) environment and provision a new instance | Power Platform
  7. Show custom ribbon button based on Security Role of the logged in User in Dynamics 365 | Ribbon Workbench in XrmToolbox
  8. Filter records in a View owned by a Team you are a member of | Dynamics 365 CRM
  9. Duration field in Dynamics 365 converts Hours value to Days in Dynamics 365 | [Flow Workaround to convert in Hours and Mins]
  10. Form Access Checker in new Power Apps Form Designer | Model-Driven Apps in Dynamics 365

Thank you!

Single record and multiple record auditing in Dynamics 365 to Audit record access | M365 Compliance

One of the most important asks for organizations who are sensitive about tracking their data is – Which records are accessed by the user?
There’s a powerful tool in Compliance Center i.e. Audit that can record this as to when a certain D365 record was accessed and all the details about the same.

What is recorded?

Single record – Only access to Dynamics 365 record opening will be audited/captured.

Multiple record – Access to Dynamics 365 record as well as other controls that were in context of the record like sub-grid controls, timeline controls etc. will be audited/captured.

Pre-requisites

  1. The User whose D365 Record Opening activities are to be logged must either have a O365 / M365 Enterprise E3 / E5 License assigned to them.

  2. The environment should be a Production one.


Turn on Recording of Audit (Dynamics 365 & M365 Compliance Center)

Now, to be able to record Auditing of User Record Access, you’ll need to make sure the Auditing is turned ON at these places –

  1. In Dynamics 365, make sure the Auditing is turned ON at the Global Level and that Audit Read Access is enabled too.


  2. Next, make sure the entity’s whose record access you want to capture should have their Auditing as well as Single and/or Multiple Record Access Auditing turned ON as well.


  3. Now, the M365 Admin Center (https://compliance.microsoft.com/) should also be enabled for recording the Audit of User access. This will start recording User and Admin Activity.


    It’ll ask for confirmation and then start updating. In my experience, this failed a few times and I wasn’t able to know for sure when it actually got enabled.


    Then, it takes a few moments


    In my case, this resulted in an error.
    Now, I’m not sure if I missed anything although I made sure everything was correct. And when I checked after some time, it was enabled even without me retrying it. But it could just be for me and might work correctly for you.


Recording of Auditing

Let’s test a scenario where a User is not an Admin User and they try to access the Account record on which we’ve enabled Single and Multiple User Access Auditing –

Please note that it takes about 3-4 hours to the log information to be available in (https://compliance.microsoft.com/homepage)

  1. Now, if you navigate to Audit and search.



  2. Make sure your criteria is as narrow as possibly by including only the user you really want to find if that’s the case
    In my scenario, I was logged in as Priyesh Wagh user and opened a record in CRM.

    So, just to look at what all was logged, my search criteria will look like this –
    I’ll make sure All Dynamics 365 Activities is selected if you want to look at everything which is D365 CRM related.



  3. Next, since I’m only looking for my own user who opened the CRM record, I’ll search and select the user in the below filter.
    Not to mention the time frame is also narrowed to get limited results. 😊


  4. Here, my results will show up.


    If I zoom on in, I’ll see the different types of logs that are filed in the Compliance Center – The retrieve Account is the actual record where all the other events are registered based on the different controls that were loaded when I opened the record itself.
    In my experiment, I opened the same record twice, so it recorded the Retrieve account twice along with other event logs.


  5. If I open the record, I’ll see this info about everything that was tracked along with the link to the record as well –

You can refer the full Microsoft Docs reference – https://docs.microsoft.com/en-us/power-platform/admin/enable-use-comprehensive-auditing?WT.mc_id=DX-MVP-5003911

Hope this summary was useful!

Here are some more Dynamics 365 Administrator related posts you might want to check –

  1. Enable Plug-in Profiler in Settings area in SiteMap in Dynamics 365 | [Quick Tip]
  2. Disable Recent Records from Dynamics 365 Lookup Control | Model-Driven Apps [Quick Tip]
  3. Language format for Whole Number field in Dynamics 365 CE
  4. Custom Help Pages and Guided Tasks for Unified Interface in Dynamics 365
  5. Make Managed fields Required in Dynamics 365 – Managed Properties Error [Workaround] | D365 CE Quick Tip
  6. Sign up for a Dynamics 365 Project Operations (Lite Deployment) environment and provision a new instance | Power Platform
  7. Show custom ribbon button based on Security Role of the logged in User in Dynamics 365 | Ribbon Workbench in XrmToolbox
  8. Filter records in a View owned by a Team you are a member of | Dynamics 365 CRM
  9. Duration field in Dynamics 365 converts Hours value to Days in Dynamics 365 | [Flow Workaround to convert in Hours and Mins]
  10. Form Access Checker in new Power Apps Form Designer | Model-Driven Apps in Dynamics 365

Thank you!