No audit attribute set on asset columns

beretta1 · ‎03-01-2017

Hi everyone,

We administer a domain separated instance of ServiceNow and do have many different requirements depending on the customer, one such recent requirement is to have the ability for a customer to write to their own assets. There is a grey line here from a business perspective as we manage this data but regardless, the business has decided to allow this.

To mitigate risk I plan on removing the no_audit attribute from most of the fields on asset but I am curious if anyone can give me some advice as to why alm_asset is setup this way OOB? 55 fields have the no_audit=true attribute and quite a high percentage of these I would suggest contain data that you would expect to want to track, I note most of these that are relevant in my situation are mapped between the asset and the ci field mappings.

Is it expected that each asset is managed by the associated CI record?

Appreciate all opinions on the matter, I'd be interested in what you may have done if you have come across the same situation.

Best Regards,

Brett

Mwatkins · ‎03-01-2017

Hi Brett, this is a good question. From my standpoint, as an engineer who troubleshoots performance issues, the explanation for the no_audit attribute being set to true is due to the potential performance impact of auditing fields that are frequently updated. Many CMDB records are frequently updated by automated processes like discovery or imports and you don't want to have a single field audited 20,000 times. 1) it causes performance issues and 2) the data would be humanly unreadable. My recommendation is to evaluate which fields are critical to be audited, and to consider how frequently those fields might be updated by an automated process. If they aren't updated frequently then there's no problem, but if they are updated frequently you might want to look into another way to track changing values on that field like perhaps a business rule that only runs when an interactive session is making the change. If you do remove the no_audit attribute, you can still avoid doing audits for certain operations if you are using the GlideRecord class to do the updates and you use GlideRecord.setWorkflow(false). Beware, using setWorkflow(false) will bypass auditing but it will also bypass Workflow, Business Rules and Script Engines - see documentation.

beretta1 · ‎03-02-2017

Hi Matthew,

Appreciate your response, I must admit as we have not used any automated method of loading data I hadn't considered this, seems rather obvious now

I'll keep it in mind when we define our solution.

Cheers,

Teena Singh · ‎03-02-2017

Brett,
Glad to see that you are using the Community to learn more.

The Customer Experience team is striving to ensure that customer queries posted from the HI Service Portal are answered in timely and accurate fashion.

If you feel your question has been resolved, please mark the appropriate reply in the thread as being the Correct Answer.

This enables other customers to learn from your thread.

Thank you in advance.

Regards,

Teena Singh
Customer Experience: UX Strategy and Customer Insights
teena.singh@servicenow.com

ServiceNow

Screen Shot 2017-01-19 at 8.55.52 AM.png

beretta1 · ‎03-02-2017

Hi Teena,

I am not sure my question has a right or wrong answer but Matthew's response was definitely helpful.

Thanks,