Auditing in BizTalk360

Auditing in BizTalk360 – Receiving Automatic Auditing Reports

Published on : Sep 1, 2020

Category : BizTalk360 Update

Christhini

Author

Introduction

Have you ever experienced like there is no auditing capability in the BizTalk server? Or, if any of your BizTalk host instances are stopped for some reason and you do not know who did what in your BizTalk server environment? Then this blog post is for you! It comes as a series of 3 like how you can effectively audit your BizTalk environment by using (and extending) the out-of-the-box capabilities of BizTalk360.

This series consists of the following parts;

Part 1: Receiving automatic auditing reports

  • How to audit your logs to get auditing reports and share them with team members in PDF format

Part 2: Monitor your audit logs and get notified

  • How to audit your logs and get notified when something unexpected is happening

Part 3: Give your BizTalk Audit Log more visibility

  • Add Auditing related widgets to the home page of BizTalk360

Restrictions in BizTalk Server

Let us consider an example,

If any of your host instances are stopped by any one of your team members sometimes it is common for no one taking the blame when things go wrong. The hardest part is you probably do not know how long the host instances have been in a stopped state since you don’t know the audit trace in the standard admin console.

BizTalk360 provides a seamless solution to the problem

To fill this gap, BizTalk360 comes with a feature called Governance and audit. Here we have two categories of auditing activities.

  • BizTalk activities
  • BizTalk360 activities

In a nutshell, governance and auditing simply record all the activities performed by a BizTalk administrator via BizTalk360.

Auditing your BizTalk360 environment

Customers have been asking for the ability to share automated audit history reports with their team members. We have always been delighted in taking up the customer’s requests and providing the product in the best possible way. Although currently, it is not possible out-of-the-box, with some customization, it is possible to fulfill this request.  We will show how this can be done by using Secure SQL queries and BizTalk Reporting.

Note: To be able to use BizTalk Reporting, you need to have the BizTalk360 Platinum tier.

User permissions required to execute SQL Query

The log of all taken actions within BizTalk360 is stored in the BizTalk360 database. The Audit Log tables of this database will be the source for the reporting we are going to set up. However, to be able to set this all up you need to have access to these features.

By default, super users will have access to all the queries and also to the reporting feature.

However, if you are a normal user, then you must ensure that the following permissions are provided.

The user must have permissions to:

  • Secure SQL Queries
  • BizTalk reporting

Once all the feature permissions are set, then users can get started with creating queries using BizTalk360’s feature Secure SQL Queries.

Whenever you need to create a new query, the user can navigate the steps as (Operations->Data Access -> Secure SQL Queries.)

Once the query has been executed, the next step is to create a BizTalk Report and a Reporting Schedule.

The user can navigate the steps as Analytics->Reporting schedule->Add

From the schedule configuration screen, you can define when you want to generate a report. There are 3 options available:   

  • Daily
  • Weekly
  • Monthly

If you want to get a report daily then you can select Daily and set your preferred timings. This way the user will get the report on a daily basis. 

Once you have created a schedule, the next step for you is to create a report and map that report to the reporting schedule.

To do this, users can navigate as follows Analytics->Reporting->Manage report->Add new report

Provide a friendly name to the report and map that report to the schedule.

Once all done, select the Configure reports button from the Manage Reports section. Next, select the Add widget button and select Secure SQL Queries from the list.

When you click on “Secure SQL Query”, it opens up with a blade where you can add the widget title and select the auditing query which you have created earlier.

After clicking the Save option, BizTalk360 will take you to the Reporting dashboard section and that widget will be added to the reporting dashboard

Everything is in place now, and you will receive the Auditing report in PDF format according to the schedule you have configured for this report.

As shown above, you can also create ad-hoc reports. After clicking the PDF option your downloaded PDF will look like below.

Conclusion

In this first article, we have seen how we can use SQL queries efficiently. Get auditing reports which you can share among your team members. However, we have only scratched the surface of the capabilities, by only showing a report about auditing of host instance operations. Besides the possibility to customize the query we have shown here, you can also think of creating queries and reports around actions taken against BizTalk ports, orchestrations or service instances, and all other entities for which auditing exists in BizTalk360. All it takes is a little investigation in the BizTalk360 database.

In the next articles, we can get familiarized with others like how you can monitor your audit logs and get them notified.