Microsoft Dynamics 365 Audit Trail Management

Tracking down record changes in a complicated CRM can be a complex process. You’ve got to keep up with various business roles, workflow updates, and scripts that affect field values. Microsoft Dynamics GP audit trails make it easier for users to track what’s happening within their CRM and other Dynamics modules. Audit trails make it easier to manage issues that affect customers and clients. There is also a Dynamics 365 audit log export feature, helpful for organizations wanting a deeper look into potential issues within their CRM.

Note: Microsoft Dynamics GP, which historically included its own audit trail features, is now approaching end of life. New subscription license sales ended on April 1, 2026, with product support and updates concluding on December 31, 2029 and security patches ending April 30, 2031. Organizations still using Dynamics GP audit trails should plan their migration to Dynamics 365, where audit trail functionality is more robust, cloud-native, and continuously updated by Microsoft.

In this blog, we’ll talk about how you can best achieve audit trail management in Dynamics 365, the successor to Microsoft Dynamics GP.

Why are Audit Trails Important?

Creating an environment focused on data privacy has become a top concern among many companies. Enabling audit trails in Dynamics 365 helps businesses comply with regulations like the General Data Protection Regulation (GDPR), which was adopted by the European Union and went into effect in May of 2018. Organizations also need a way to audit information and user actions to ensure that they are not vulnerable to a potential data breach.

Beyond GDPR, Dynamics 365 audit trails also support compliance with other regulatory frameworks, including the Sarbanes-Oxley Act (SOX) for financial reporting transparency, HIPAA for healthcare data handling, and industry-specific standards like FDA 21 CFR Part 11 for electronic records. For many businesses, a well-configured D365 audit trail is essential to meeting both internal governance requirements and external regulatory audits.

Audit logs help administrators tasked with setting up and tracking how users move around in Dynamics 365 or Dynamics GP. In addition to executing functions like migrating or reviewing audit history, admins can also find ways to resolve critical issues, like:

• Figuring out which users accessed the system
• Tracking where users went when they gained entry to Dynamics 365 apps
• Determining the value previously held in a field before it was updated
• Monitoring recent actions taken by users
• Seeing who deleted a specific record
• Determining the location of users making updates to Dynamics 365 applications

Below are some of the operations admins can set up tracking for within Dynamics 365 modules:

• Record creation
• Record updates
• Record deletions
• Changes to privileges around sharing records
• Security role updates
  Audit log deletions

Benefits of Using Dynamics 365 Audit Trails

One great advantage of Dynamics 365 audit trails is the ability to see changes made by other administrators. That’s a critical security feature that ensures that organizations can keep up with the actions of all users, regardless of their access level. Admin events you can review using audit trails include:

• Published customizations
• Application management
• Instance configurations
• Backups and restores
• Attribute deletion

It’s also possible to see user actions, including reading, creating, and deleting records. Newer versions of Dynamics 365 let admins see read functions on business processes and track user adoption of new features. There’s also a setting that logs when users open records like emails and attachments. That’s useful for monitoring how well users follow security protocols around clicking on unrecognized attachments that could contain viruses or malware.

Dynamics 365 also integrates with Microsoft Purview, which provides an additional layer of audit trail control. When activity logging is enabled, user and admin activity from your Dynamics 365 environment is recorded in the Purview audit log, where it can be retained for 90 days or longer depending on your license. This lets compliance teams search for specific Dynamics 365 activities across the broader Microsoft 365 ecosystem, giving organizations a unified view of data access and changes across all their Microsoft tools.

Setting up Audit Trails for Your Organization

Below is a general overview of configuring audit trails in Dynamics 365 CRM. Microsoft now provides two primary paths for enabling auditing: the Power Platform admin center (recommended for cloud environments) and the legacy Settings interface within the Dynamics 365 web app. The following actions require permissions equivalent to a system admin or a system customizer security role.

Option 1: Power Platform Admin Center (Recommended)

The Power Platform admin center offers a streamlined, centralized approach to enabling auditing across your Dynamics 365 environments. This is the recommended method for organizations using Dynamics 365 online.

1. Sign in to the Power Platform admin center (admin.powerplatform.microsoft.com).
2. From the left-side menu, select Security, then Compliance.
3. Select the Auditing tile, then choose the environment you want to configure.
4. Select Set up auditing. Review the list of Dataverse data and Dynamics 365 app entities that will be audited.
5. Set your event log retention period using the dropdown. Options range from 30 days to Forever, depending on your organization’s data retention policy.
6. Select Save to apply the configuration.

Option 2: Legacy Settings Interface

For on-premises deployments or organizations that prefer the classic interface, auditing can also be configured through the Dynamics 365 web app:

1. Open Settings, go to Administration, then select System Settings.
2. Select the Auditing Tab, then click the Start Auditing checkbox. That starts the audit process for a Dynamics 365 instance within an organization.
3. Look for Enable Auditing in the following areas. Click all the boxes for which you wish to enable auditing.
4. Navigate back to Settings, then go to Customization -> Customize the System
5. Pick the entities that you would like to track through auditing. Options you can select include:
   1. Audit user access — Let you track the activities of a user, including their name and the time they accessed or updated different areas of the platform.
   2. Common entities — Keep up with various entities within a Dynamics 365 module like an Account, Product, or Contact.
   3. Sales entities — Provides a way to track sales-related entities like Invoices, Opportunities, and Quotes.
   4. Marketing entities — Tracks Campaign table activity.
   5.  Customer Service entities — Tracks Case, Contract, Queue, and Service table activity. 
6. On the Auditing tab, click boxes for Single Record Auditing and Multiple Record Auditing.
7. Click Save, then select Publish to publish the customizations.

You can repeat steps four through seven when you wish to add new Dynamics 365 entities for auditing.

Managing Table-Level Auditing Through Power Apps

For more granular audit trail control, administrators can manage auditing at the individual table level through Power Apps. Navigate to the Power Apps portal, select your environment, and choose a table. Click Edit from the command bar, then Edit Table Properties. A panel will open on the right-hand side where you can enable or disable audit logging for that specific table. When enabled, this logs any data creation, changes, or deletions in the table for all columns by default.

Viewing audit log details

System admins can perform the following steps to look at the activity around any Dynamics 365 entities with audit trails enabled.

1. Navigate to Settings -> Auditing.
2. Select Audit Summary View.
3. The following actions are available to admins from the Audit Summary View panel:
1. Set up filters by choosing the Enable/Disable Filters options. From there, admins can filter by specific events like Views or Deletes.
2. Pick an event and review specific activity details, like changes made to fields during a user update.
3. Refresh and see all recent Dynamics 365 activities.

Organizations using Microsoft Purview can also search the audit log in the Purview portal. To search for Dynamics 365 records, choose the Record type as CRM and set Activities to All Dynamics 365 activities. This provides a broader view of audit history across your Microsoft environment and supports deeper compliance investigations. 

Enable and disable auditing on fields and entities

Admins can change the default auditing settings for specific entities and fields.

Go to Settings -> System, then select Auditing.

1. Select Entity and Field Audit Settings.
2. Go to Components, then expand Entities.
3. Open the entity whose audit settings you wish to update.
4. Go to the general tab and click the Auditing check box. You can also deselect the checkbox to remove auditing on fields within the entity.
5. Click Save.
6. Select the entity, then click Publish to publish the changes.
7. To publish changes made to fields, select the field, go to the Auditing section, choose Enable or Disable, then click Save.

Best Practices for Dynamics 365 Audit Trails

Even though audit trails make it possible to perform functions like executing a Dynamics 365 audit log export, you still have to be careful how you manage them. Detailed auditing can increase the size of your organization’s databases and may affect system performance if left unchecked.

Admins should track how much information gets captured and determine whether company policy calls for archiving older records. You may need to remove old audit logs periodically or configure automated retention policies through the Power Platform admin center to manage log lifecycle.

When configuring your audit trail management strategy, keep these additional best practices in mind: only audit the tables and fields that have a genuine business or compliance need, as auditing everything creates unnecessary storage overhead. Set appropriate retention periods based on your industry’s regulatory requirements – 90 days may be sufficient for general troubleshooting, while regulated industries like healthcare or finance may require a year or more. Review audit logs regularly rather than only during formal audits, and establish clear security roles that control who can access, export, and delete audit data. 

Make sure there’s an established business need around enacting Microsoft Dynamics 365 audit trails on specific entities. Internet eBusiness Solutions can offer guidance if you’re having trouble managing your organization’s audit trails in Dynamics 365. Contact one of our Microsoft experts today to set up a consultation.

Microsoft Dynamics Audit Trail FAQs