NexJ Logo

Configuring audit trails

Use NexJ Studio to configure audit trails. Audit trails record actions that users perform in NexJ CRM.

Use event audit trails when you want to log create, update, and delete actions for all auditable objects in the system. Use attribute audit trails when you want to log create, read, update, and delete actions for object attributes that you specify.

Enable event audit trails to log user actions such as creating, modifying, and deleting contacts. Enable and configure attribute audit trails to track specific types of read and update actions in NexJ CRM.

For example, configure attribute audit trails to log the history of all changes to a contact's name to meet legal and business requirements.

To enable event audit trails for your deployments, you specify the following audit mode in the environment file:

eventAudit
Logs create, update, and delete actions that users perform on objects, for example, creating or deleting a lead. This mode logs actions for all auditable objects in NexJ CRM.

To enable attribute audit trails for your deployments, you specify the object attributes that you want to audit. Then, you specify one or both of the following audit modes in the environment file:

readAudit
Logs read actions that users perform on objects, for example, viewing a contact. You can modify the default list of objects to audit based on attributes selected for read audit in the NexJ model.

updateAudit
Logs create, update, and delete actions that users perform on objects, for example, changing a contact name. You can modify the default list of objects to audit based on attributes selected for update audit in the NexJ model.

You can enable audit trails for a single deployment or for all deployments. However, the objects selected for read and update audits apply to all enabled deployments.

You can also enable user login auditing to log details about NexJ CRM user logins in the NexJ Audit database.

Info

Event audit trails are enabled by default. Attribute audit trails are disabled by default.

Audit trails display in the following locations:

  • Attribute audit trails display in the Audit Trail tab on applicable workspaces in NexJ CRM.
  • Event audit trails display on the Audit Trail page in NexJ Admin Console.

For more information, see Audit trails.

Configuring object attributes for read and update auditing

In NexJ Studio, you can specify attributes to log in the audit trail for read and update auditing.

When the readAudit or updateAudit modes are enabled for a deployment, you can specify the attributes to audit or modify the default attributes that are audited. For example, you can log when tasks are read or updated. After selecting an attribute for read and update auditing, auditing is triggered when a read, create, update or delete event is executed against the object associated with the attribute.

To select the objects to audit in your deployments:

  1. In NexJ Studio, navigate to the Business Model Layer and, in the Classes tab, open the Act class.
  2. To select attributes to audit:
    1. In the Attributes tab, in the Attributes area, select an attribute to audit.
    2. Select the ReadAudit or UpdateAudit checkbox for the attribute.
    3. Repeat these steps to enable auditing for another attribute.
  3. Click the Save button to save your changes to the class.

The attributes to audit in your deployment are selected. When you deploy your application, if the readAudit or updateAudit modes are enabled, user actions for the selected object types are audited when they are performed in NexJ CRM.

If your NexJ application is currently running, you must redeploy the application for changes to take effect.

Changing the audit mode for a deployment

Change the audit mode for a deployment to enable auditing, change what types of user actions to audit, or disable auditing in a single deployment of NexJ CRM or NexJ Admin Console.

The audit mode determines the types of user actions that are recorded in an audit trail. You can specify event, read, and update audit modes. Each mode logs the date and time of the action, the name of the user who performed the action, and additional information depending on the audit mode.

Note: You cannot specify different read and update audit settings for different deployments. Read and update audit settings for objects apply to all enabled deployments.

To change the audit mode for a deployment:

  1. In NexJ Studio, navigate to the Deployment layer and, in the Environments tab, open the environment in which to change the audit mode.
  2. In the Source tab, to enable audit modes, edit the <Environment> tag and add any of the following attributes:
    eventAudit="true"
    Logs create, update, and delete actions that users perform on objects, for example, creating or deleting a lead. For update actions, original and changed attribute values are recorded.
    readAudit="<auditLevel>"
    Logs read actions that users perform on objects, for example, viewing a contact.

    Info

    You can specify one of three read audit levels:
    access
    Logs the object that was read.
    attributes
    Logs the object and object attributes that were read.
    values
    Logs the object, object attributes, and attribute values that were read.


    updateAudit="true"
    Logs update actions that users perform on objects, for example, changing a contact name. Original and modified attribute values are recorded for update actions.
    For example, to set the audit mode to log all read and update actions for your deployment, the attribute values should look similar to the following:
    <Environment ... readAudit="values" updateAudit="true">

  3. Click the Save button  to save your changes to the environment.

The audit mode for your deployment is changed. When you deploy your application, user actions in NexJ CRM are audited based on the specified audit modes.

If your NexJ application is currently running, you must redeploy it for changes to take effect.

Changing the audit mode for all deployments

Change the audit mode for your deployments to enable auditing, change what types of user actions to audit, or disable auditing in all deployments of NexJ CRM or NexJ Admin Console.

The audit mode determines the types of user actions that are recorded in an audit trail. You can specify event, read, and update audit modes. Each mode logs the date and time of the action, the name of the user who performed the action, and additional information depending on the audit mode.

To change the audit mode for your deployments:

  1. In NexJ Studio, navigate to the Resources layer and, in the Components tab, open the System.Auditor component.
  2. In the Overview tab, in the area on the left, expand Properties and select mode.
  3. In the Property Value field, specify any of the following audit modes:
    eventAudit
    Logs create, update, and delete actions that users perform on objects, for example, creating or deleting a lead. For update actions, original and changed attributes are recorded.
    readAudit
    Logs read actions that users perform on objects, for example, viewing a contact.

    Info

    You can specify three levels of read auditing:
    Access
    Logs the object that was read.
    Attributes
    Logs the object and object attributes that were read.
    Values
    Logs the object, object attributes, and attribute values that were read.


    updateAudit
    Logs update actions that users perform on objects, for example, changing a contact name. Original and modified attributes are logged for update actions.

  4. Click the Save button to save your changes to the component.

The audit mode for your deployments is changed. When you deploy your applications, user actions in NexJ CRM are audited based on the specified audit mode. If your NexJ applications are currently running, you must redeploy them for changes to take effect.

Enabling user login auditing

You can enable user login auditing for NexJ CRM. User login auditing records the name of the user who logged in, IP address of the machine used to log in, and time of the login. User login information is stored in the NexJ Audit database.

Info

By default, user login auditing is not enabled.

To enable user login auditing for NexJ CRM:

  1. In NexJ Studio, navigate to the Deployment layer and, in the Environments tab, open the environment in which to enable user login auditing.
  2. In the Source, in the <Environment> tag, add the authAudit="true" attribute, as shown in the following example:
    <Environment ... authAudit="true">
  3. Click the Save button to save your changes to the environment.

User login auditing is enabled for your deployment. When you deploy your application, details about NexJ CRM user logins are stored in the LGAuthenticationAuditLog table of the NexJ Audit database.

If your NexJ application is currently running, you must redeploy it for changes to take effect.