Whether you’re prepping for an audit, troubleshooting an issue or comparing your prod and dev environments, NetSuite gives you several tools for investigating what’s happening in your system.
We recently hosted a webinar breaking down the various ways you can audit NetSuite — with a look at both its out-of-the-box tools, and how Strongpoint expands on them. You can check out the full presentation here, or read on for a quick overview of six of the most important tools in your NetSuite account now.
NetSuite system notes are a time-stamped log of any changes to NetSuite customizations, configurations, and other record types. They contain information about who made the change, their user role, the pre- and post-change values, and other details.
(Hint: enabling system notes on record creation will make audit prep a lot simpler for public companies.)
As you can imagine, a busy account can produce thousands of system notes every day — to make it easier to find the information you’re looking for, NetSuite gives you some out-of-the-box searches, called audit trails, that focus on specific record types and activities.
Analytics Audit Trail
The analytics audit trail shows you all changes to the definition of saved searches, reports, search schedules, layouts and related information during a set period of time. It shows when the change happened, who made it, and what it consisted of. It tracks deletions as well as changes.
There is also a related execution log showing when a saved search was last run, and by who.
Login Audit Trail
Another audit trail that’s critical for SOX compliance and overall security is the login audit trail. As the name suggests, this search tracks all logins and login attempts, and contains a record of the associated user, their role, and IP address.
Regular review of the login audit trail can help you determine if unauthorized people are attempted to get into your account. It’s also important for checking user activity in preparation for a role/permission cleanup or SoD project.
Script Execution Logs
Script execution logs, by default, only track script errors, but they can be configured to track audit messages and debug data, if required.
Script execution logs aren’t based on system notes, so they aren’t immutable — in fact, they can be directly written using code. They are also only stored in the system for up to 30 days.
Workflow History and Execution Logs
Workflow history and execution logs serve a similar purpose as script execution logs, but, obviously, for workflows. They track actions and transitions that execute on a record that are triggered by a workflow, including server triggers, event types and contexts, and more.
Like script execution logs, they are useful for debugging, but are rarely a concern for auditors.
Deleted Record Logs
Finally, the deleted record log shows you information about deleted transactions, including who did it and when. This is important information for auditors but unfortunately NetSuite’s built-in logs only capture certain record types — customizations and setup preferences, for example, aren’t tracked — and don’t give you a lot of corroborating information about the deletion itself.
Watch a clip walking you through everything we covered above:
The big takeaway about system notes, execution logs and audit trails is that while NetSuite can get you very close to a stress-free audit, on its own it has some limitations. To see how Strongpoint complements NetSuite’s built-in tools and makes SOX compliance so much easier, watch the full webinar or reach out for a demo in your account: