Microsoft BizTalk Server 2020 has an important feature as the Audit log which was introduced on January 15, 2020. It is the most awaited feature by administrators to handle the security gaps in BizTalk Server. It could be efficacious for BizTalk Administrators and Operation Teams to know what operations have been performed in the BizTalk Group by which user.
Auditing helps with providing visibility on sensitive enterprise data by knowing who performed which operations, modifications, or destructions. Server auditing is a way of tracking and reviewing activities on our server. The process works based on our audit policy. Biztalk users have no limitations of accessing BizTalk Artifacts.
BizTalk Server is open for all users like Administrators, Deployment teams and Support team. Admin console can be operated by both BizTalk Operational Users and Business users. Since there is no user access policy in the BizTalk Admin console, there are chances that Business users can perform an operation on Artifacts by mistake during the business data transaction. It causes more impact on the business flow. This can be avoided by using BizTalk360 User access policy and Governance Audit capabilities
You may have a question since BizTalk already has the auditing capability then why its integrated with BizTalk360. Answer is BizTalk will audit the activities you performed and save the auditing details in table; you have only raw data you do not have UI to view that. By integrating this with BizTalk360 you can clearly visualise which user performed which activity on which artifacts during which time. Say for instance you can clearly get to know SendportA is stopped by admin or support, or business user and you can take necessary action for same.
Let’s take some example scenarios and see how the impact of such activities can cause huge business disruption. Let’s imagine you have an integration scenario picking up purchase orders from an FTP location, processing it via a BizTalk Orchestration and finally sending it to the SAP system.
In this simplest scenario, a BizTalk Administrator can potentially do the following 5 activities intentionally or accidentally —
Any one of the above activities would have resulted in a business impact of not processing that purchase order. When such incidents happen, you must have the system in place to look at the audit logs to see who actually performed such activity and take the necessary steps.
we can configure this amazing functionality with few steps
As said earlier, with BizTalk Server 2020, administrators can configure the audit management operation in the BizTalk Server admin console to generate audit logs. Below are the artifact activities that can be audited
The audit data of BizTalk admin console operations will be saved in your BizTalk Management database into “the bts_auditlog” table, this audited data will be displayed with some terms like Id, Batch Id, User Principal, Machine, Artifact Id, Parent Artifact Id, Artifact Type, Artifact Name, Operation Name.
Since BizTalk has no audit feature in the previous versions at that time BizTalk360 supports Governance & Audit which audits the activities that are performed inside BizTalk360.
Now with this integration BizTalk360 users can view the BizTalk Audit logs in the BizTalk360’s Governance & Audit section. Along with the BizTalk360 audits automatically the BizTalk audit logs will be start captured once BizTalk360 is updated with the latest version (from V10.2).
To achieve this super cool functionality, you need to upgrade to BizTalk360 v10.2. We have added a new sub-service “BizTalk Audit log” under the Monitoring Service. BizTalk Audit logs will be fetched into BizTalk360 on 5 minutes frequency.
You can think about what will happen if I have both the BizTalk and BizTalk360 audit logs in the same database, it may cause performance issues. BizTalk360 have purging policy for Governance & Audit, with this the data will be purged periodically there won’t be any data growth to affect your DB performance.
Yes, you might think, when we get both BizTalk and BizTalk360 audits in the same segments of Governance & Audit how do we get to know the activities are done by BizTalk or BizTalk360.Here we help you with a server icon specification for the BizTalk admin audits.
Application & artifacts audit under application section.
Let see what activities can be audited from BizTalk360 and from BizTalk.
Service instances related audits under the service instance section
Here coming to the Service Instance part, the below table shows you which can be audited from BizTalk and BizTalk360 in the Instance part.
Tracking related audits under Tracking Manager section
The below table shows you which can be audited from BizTalk and BizTalk360 in the tracking part.
The above operations will also be audited along with all the operations performed across administration features in consolidated activities under Administration Activities of Governance and Audit.
Compared to the below API browser view, BizTalk360 provides a user-friendly, feel-good user interface.
You can just overview the rich query filters which are available for our user convenience. We do have the options like User, Operation, Application name, Artifact Type, Timestamp all these are helpful to filter the Audit data as per the BizTalk User requirements.
In addition, we have added the “Source” filter so that the users can view the BizTalk and BizTalk360 audit logs separately and export them in PDF format for any business needs. Also Getting to know who performed what actions from which source that so helpful to take required steps to resolve the unexpected situations.
Hope you understand this additional auditing functionality makes your work easier and saves much time. We have added this feature in BizTalk360 V10.2. Want to try this feature or upgrade to our latest version?
We have a free trial for you! Try it out! BizTalk360 will make you more productive, Happy monitoring!
