Thursday, April 12, 2018

Update on Activity Log Management for Dynamics 365

Update: thanks to @powerobjects and for directing me to the new documentation (Posted updated on April 13th based on this info)

Last summer Microsoft announced a number of updates on the way that auditing functionality would be made available as outlined in Dynamics 365 July 2017 update: activity logging and session management for security and compliance . A couple of weeks ago Microsoft, updated their official documentation on these two features:
In this post I will focus on the new activity log management functionality, which extends the existing auditing functionality in Dynamics 365 with support for auditing on all data and all operations (including admin operations), with near real-time support, out of the box SIEM integration (Security Information and Event Management systems which provide real-time monitoring, correlation of events, alerting, etc ...) and seamless integration with Office 365 and Azure. Since auditing occurs at the SDK layer of Dynamics 365, much more data is available than just activities.


It is important to notice that the documentation states that this feature might change as well as limited availability so it might be that on your Office 365 tenant the functionality is not available (yet).



The only recently updated Microsoft Dynamics 365 (online) security and compliance planning guide also does not (yet) make a mention of this functionality within the Microsoft 365 Security and Compliance Center.

I however briefly looked into the Microsoft 365 Security and Compliance Center in one of the tenants that  I administer, and  listed below are a number of my findings:

Figure 1. Pre-configured Dynamics 365 audit log search reports.



Figure 2. Auditing settings screen when activity logging is enabled.
The documentation gives already a good indication on the way that Microsoft will proceed with this new functionality so I’m really eager to get my hands on this and see how this functionality can be used. In the meanwhile you might also take a look at the Actionable Audit App (Appsource) to access audit logs functionality as an alternative to see if it covers your specific needs and requirements.

References:

No comments: