Advanced Audit Trails provide information about read and write access to personal data in the system, which can be useful for regulatory purposes. Sage Intacct tracks all personal data stored in contact, vendor, and customer records.

Information about read access covers:

  • Using UI listers
  • Accessing objects that reference other objects with personal data
  • Viewing reports
  • Viewing Smart Events
  • Using read, readByQuery, readMore, and readByName API calls

Information provided about write access corresponds with information that is returned by audit trails functions.

Returned elements indicating read access of personal data have an ACCESSMODE of Personal data access. Returned elements indicating write access of personal data have an ACCESSMODE of System audit.

The Advanced Audit Trail subscription is required.


List Advanced Audit Trails

readByQuery

<readByQuery>
    <object>ADVAUDITHISTORY</object>
    <fields>*</fields>
    <query>ACCESSMODE = 'Personal data access'</query>
    <pagesize>100</pagesize>
</readByQuery>

Parameters

Name Required Type Description
object Required string Use ADVAUDITHISTORY
fields Optional string Comma-separated list of fields on the object to list. For best performance and predictability, limit the number of fields. To return all fields, omit the element or provide * for the value.
query Required string SQL-like query based on fields on the object. Illegal XML characters must be properly encoded. The following SQL operators are supported: <, >, >=, <=, =, like, not like, in, not in. When doing NULL comparisons: IS NOT NULL, IS NULL. Multiple fields may be matched using the AND and OR operators. Joins are not supported. Single quotes in any operands must be escaped with a backslash - For example, the value Erik's Deli would become 'Erik\'s Deli'. Note: like, not like, IS NOT NULL, and IS NULL are not supported for OBJECTTYPE and OBJECTKEY.
pagesize Optional integer Custom page size between 1 and 1000 items (Default: 100)

query

Name Required Type Description
OBJECTTYPE Optional string Object type for one of the objects with personal data. Use contact for contacts shared across the entire system, vendor for vendors, or customer for customers. Otherwise, omit the value and get information about all three object types.
OBJECTKEY Optional string Unique name field of the object, which differs based on the object type. For CONTACT it is the CONTACTNAME, for VENDOR it is the VENDORID, and for CUSTOMER it is the CUSTOMERID.
USERID Optional string User ID
ACCESSTIME Optional string Timestamp of access in the format MM/DD/YYYY HH:MM:SS.
ACCESSMODE Optional string Type of access mode. Use Personal data access to get information about all read access to objects containing personal data. Use System audit to get information about all write access to objects containing personal data.
SOURCE Optional string General category of the operation. Use api, csv, system, or ui.

Response

advaudithistory

The above function returns data structured like this:

<advaudithistory>
	<OBJECTTYPE>Vendor</OBJECTTYPE>
	<OBJECTKEY>BANK-099</OBJECTKEY>
	<USERID>Admin</USERID>
	<ACCESSTIME>03/08/2018 01:48:24</ACCESSTIME>
	<ACCESSMODE>Personal data access</ACCESSMODE>
	<WORKFLOWACTION></WORKFLOWACTION>
	<IPADDRESS>xxx.xxx.xx.xx</IPADDRESS>
	<SOURCE>ui</SOURCE>
	<ID>sessionidxxx</ID>
</advaudithistory>

Parameters

Name Type Description
OBJECTTYPE string Name of the personal data object type. One of contact, vendor, or customer.
OBJECTKEY string Unique name of the record
USERID string User ID that performed the action
ACCESSTIME string Timestamp of the event. Note that the returned value will be according to the GMT time zone, regardless of Company preferences.
ACCESSMODE string Type of the event, either Personal data access for read access of personal data or System audit for write access of personal data
WORKFLOWACTION string Indicates a workflow action
SOURCE string General category of the operation. One of api, csv, system, or ui.
IPADDRESS string Originating IP address
ID string Generated unique ID for this audited action

Provide feedback