Exploring Auditing
Track record changes on auditing-enabled tables. By default, the system tracks changes to the incident, change, and problem tables, among others.
Auditing overview
Enabling auditing tracks the creation, update, and deletion of all records in the table. If you want to audit individual fields in a table, you can hide fields you don’t want to track using a dictionary attribute.
Auditing information is kept in the following tables:
Warning:
Auditing system tables that receive a large amount of traffic, such as workflow Contexts [wf_context] or Event Management Alerts [em_alert], can impact performance. For this reason, you can’t audit the em_alert
table as a whole. Instead, audit selected fields of interest. Set audit=true on both the em_alert table and the selected fields. Try to audit as few fields as possible.
Auditing users
Auditing has the following users.
- admin
- security_admin
Auditing benefits
| Benefit | Feature | Users |
|---|---|---|
| Enable table auditing to track changes to all or some of the table's fields | Configuring auditing for a table | admin |
| Experience a more enhanced way of defining and configuring the audit capability | Configure auditing using Audit Management Console | admin |
| Automate and simplify the deletion of audit data | Setup your audit retention | security_admin |
What to explore next
To learn more about using Auditing, see: