Whether you’re prepping for an audit, troubleshooting an issue or comparing your prod and dev environments, NetSuite’s user activity logs give you several tools for investigating what’s happening in your system.
We hosted a webinar breaking down the various ways you can audit NetSuite — with a look at both its out-of-the-box tools, and how Netwrix Strongpoint expands on them. Read on for a quick overview of six of the most important tools in your NetSuite account now.
System Notes
NetSuite system notes are a time-stamped log of any changes to NetSuite customizations, configurations, and other record types. They contain information about who made the change, their user role, the pre- and post-change values, and other details.
(Hint: enabling system notes on record creation will make audit prep a lot simpler for public companies.)
As you can imagine, a busy account can produce thousands of system notes every day — to make it easier to find the information you’re looking for, NetSuite gives you some out-of-the-box searches, called audit trails, that focus on specific record types and activities.
Analytics Audit Trail
The analytics audit trail shows you all changes to the definition of saved searches, reports, search schedules, layouts and related information during a set period of time. It shows when the change happened, who made it, and what it consisted of. It tracks deletions as well as changes.
There is also a related execution log showing when a saved search was last run, and by who.
Login Audit Trail
Another audit trail that’s critical for SOX compliance and overall security is the login audit trail. As NetSuite’s user activity log, this search tracks all logins and login attempts, and contains a record of the associated user, their role, and IP address.
Regular review of the login audit trail can help you determine if unauthorized people are attempted to get into your account. It’s also important for checking user activity in preparation for a role/permission cleanup or SoD project.
Script Execution Logs
Script execution logs, by default, only track script errors, but they can be configured to track audit messages and debug data, if required.
Script execution logs aren’t based on system notes, so they aren’t immutable — in fact, they can be directly written using code. They are also only stored in the system for up to 30 days.
Workflow History and Execution Logs
Workflow history and execution logs serve a similar purpose as script execution logs, but, obviously, for workflows. They track actions and transitions that execute on a record that are triggered by a workflow, including server triggers, event types and contexts, and more.
Like script execution logs, they are useful for debugging, but are rarely a concern for auditors.
Deleted Record Logs
Finally, the deleted record log shows you information about deleted transactions, including who did it and when. This is important information for auditors but unfortunately NetSuite’s user activity logs only capture certain record types — customizations and setup preferences, for example, aren’t tracked — and don’t give you a lot of corroborating information about the deletion itself.
The big takeaway about NetSuite’s user activity logs, system notes, execution logs and audit trails is that while NetSuite can get you very close to a stress-free audit, on its own it has some limitations. Check out this video for an explainer:
