CoreAudit
Name: Core Audit
Type: Core
Description: Audit trail of system activities (e.g., startups, service invocations, etc.).
| Field | Documentation |
|---|---|
| auditId | Unique identifier of the audit record. |
| AuditType | 'I' (Internal database audit) - created by our application with CoreAuditContext present. 'E' (External database audit) - database change was made with no CoreAuditContext present. 'A' (Action) - record of an application action audit |
| auditTime | Audit date and time stamp in milliseconds. |
| AuditTables | List of tables involved in the transaction. Comma delimited. |
| DbTransactionId | Database transaction identifier |
| DbUserName | Database user name of the transaction creator. |
| ComputerName | Computer name of the transaction creator. If this is not provided by DBMS, it comes from CoreAuditContext. |
| UserName.CoreAudit | Origin identityName of the activity (typically user login name). |
| IdentityName | Effective identityName under which transaction is operating (may be same as userName, or different if impersonation is in effect). |
| ActivityId.CoreAudit | ID of logical activity thread associated with the service request. Will be blank for transactions that are not part of a Service Shell service request. |
| SessionId.CoreAudit | Session ID (if available). |
| ServiceName.CoreAudit | If transaction is under a Service Shell service, this will be the service name, if not then this will be the application process name (exe name). |
| TransactionName | For database audits this is the SqlTransaction identity name (e.g., Booking::update). For action audits this is the action name (e.g., Core/Security/Login) |
| ProcessName | Process name of App service process (if available). |
| ProcessId.CoreAudit | Process identifier of App service process (if available). |
| DbSessionId | Database session (connection) identifier. |