Creating audit logs for user activity

Creating audit logs for user activity is a vital practice to monitor and track actions within your Power Pages portal, ensuring compliance, security, and accountability. By maintaining detailed logs of user interactions, you can better understand user behavior, detect suspicious activities, and comply with industry regulations.

Here’s how you can implement audit logs for user activity in Power Pages:

1. Use Power Platform Audit Logs

Power Platform provides built-in audit logs that can help track user activities within apps, including Power Pages. These logs capture key actions such as:

• Changes made to data records.
• User logins and logouts.
• Modifications to forms or entity records.

You can access the audit logs via Microsoft Purview Compliance Portal (formerly known as the Microsoft Compliance Center).

Steps to Access Audit Logs:

1. Go to Microsoft Purview Compliance Portal.
2. Under Solutions, select Audit.
3. Configure and run queries to filter logs based on user activity.
4. Export logs as needed for reporting or monitoring.

2. Custom Audit Logs via Power Automate

If you require custom logging for specific activities in your portal, you can use Power Automate to capture and store actions as audit logs. You can trigger workflows based on events such as form submissions, record updates, or user actions.

Steps to Implement:

1. Create a Flow:
   • Trigger the flow on a relevant event (e.g., Create, Update, or Delete records).
   • For instance, on a form submission, trigger a flow to log the user’s action.
2. Record the Activity:
   • Create a new Dataverse table (e.g., AuditLogs) to store the logs.
   • Store relevant data such as:
     • User Information: Name, Email, User ID.
     • Action: Created, Updated, Deleted.
     • Date and Time: Timestamp of the action.
     • Entity: The table or data entity affected.
     • Old and New Values (if applicable): Store the before and after values for updates.
3. Log the Information:
   • Use Power Automate’s “Create a new record” action to store the audit log in your AuditLogs table.

Example Flow for Logging Record Updates:

• Trigger: When a record in a Dataverse table is updated.
• Action: Add a new record to the AuditLogs table with details about the update (user, record, field values, timestamp).

3. Tracking User Login and Logout Events

For auditing user login and logout events, you can use Azure Active Directory (Azure AD) logs, especially if you’re using Azure AD B2C for authentication in your Power Pages portal.

Steps to Set Up:

1. Enable Audit Logging in Azure AD:
   • Go to the Azure Portal and enable auditing for your Azure AD tenant.
   • Review logs for events such as sign-ins, failed logins, and suspicious activities.
2. Capture Login Attempts:
   • If using Azure AD for authentication, the Azure AD sign-in logs will contain information about login attempts, including:
     • IP addresses.
     • Browser and device details.
     • Authentication methods used (MFA, SSO, etc.).
3. Export Logs:
   • You can export these logs to Power BI, Azure Log Analytics, or Power Automate for further analysis or to create dashboards and reports.

4. Integrating Application Insights

Application Insights allows you to collect telemetry data such as user activity, page views, and errors. You can set up custom events to track user actions and other activities in your Power Pages portal.

Steps:

1. Enable Application Insights:
   • Add Application Insights SDK to your Power Pages portal’s custom JavaScript.
   • Track custom events, like form submissions, button clicks, and other interactions.
2. Track User Activities:
   • Use the trackEvent method in Application Insights to log custom user interactions.
   • Example:
     appInsights.trackEvent("FormSubmission", { userId: userId, formId: formId });
3. Monitor Events:
   • Use Application Insights dashboard to monitor custom events and gather insights into user behavior.
   • Correlate the data with other logs to detect anomalies.

5. Implementing Custom JavaScript for Logging

If you want more flexibility in tracking specific events, you can use custom JavaScript to log user activities directly to your Dataverse tables or external storage.

Steps:

1. Track Actions:
   • For example, if a user submits a form, you can use JavaScript to send the form data and user details to a logging service.
2. Log User Activities:
   • You can send the logged data to a custom API or service that stores the information in Dataverse, a SharePoint list, or an external database.

Sample JavaScript Code for Logging:

function logUserActivity(userId, actionType, entityId, timestamp) {
    var logData = {
        userId: userId,
        actionType: actionType,
        entityId: entityId,
        timestamp: timestamp
    };

    // Send the data to Dataverse or a custom API for logging
    fetch("https://your-api-endpoint.com/log", {
        method: "POST",
        body: JSON.stringify(logData),
        headers: {
            "Content-Type": "application/json"
        }
    });
}

6. Using Power BI for Visualizing Logs

You can integrate Power BI to analyze and visualize your audit logs. For instance, you can create a report that shows:

• User activity over time.
• Most frequently accessed pages or records.
• Login trends.

Power BI can pull data from Dataverse or an external log store, providing real-time insights.

7. Compliance and Data Retention

Ensure that your audit logs meet your organization’s compliance and data retention policies. Consider the following:

• Data Retention: Set up retention policies to keep logs for the required period (e.g., 1 year for compliance).
• Access Control: Restrict access to the audit logs to only authorized personnel to prevent tampering.