What’s new in BizTalk Server 2020: Audit Logs

Posted: December 16, 2020  |  Categories: Administration BizTalk

Starting with BizTalk Server 2020 and newer, administrators can configure BizTalk Server to generate an audit trail for management operation on application artifacts, such as to send ports, receive ports, receive locations, orchestrations, and resources. Auditing of suspend/resume/terminate operations on service instances is also possible.

This feature may not be perfect yet, and it has space to grow in the future, but it is a good start, and I hope the BizTalk product team will improve these capabilities in the future.

How to configure the Audit Logs?

The auditing feature isn’t enabled by default. To enable auditing you need to:

  • Open BizTalk Server Administration console, right-click the BizTalk Group, and select Settings
  • On the Group panel, under the Tracking and Reporting section:
    • Enable the Audit management operations option.
    • And set a Maximum number of audit entries property according to your needs. By default, BizTalk stores 10000 most recent entries.
  • Select OK to save your changes.

Now every time you make the following operations:

  • On Ports (Receive or Send): Create, Update and Delete
  • On Service Instances: Suspend, Resume and Terminate
  • On Application resource: Add, Update and Remove
  • On Bindings: Import bindings files

One or more audit entries are logged. All these correlation entries have the same BatchId. The audit log has the following information:

PropertyDescription
IDId of type Guid, unique per entry. Example: 3bf539a3-4b59-4148-b589-d22c83f32d25
BatchIdSame for all audited operations performed in a single SQL transaction. Insightful in correlating user operations with lower level details Example: a4ffa64b-8064-4e54-9d99-2e7d60797100
UserPrincipalUser who performed the operation. Example: BTS2020LAB01\\Administrator
MachineMachine name from which operation was performed. Example: BTS2020LAB01
ArtifactIdUnique id of the artifact. Example: 1
ParentArtifactIdIf an artifact is child of another artifact, then this field will have artifact id of the parent. Example: 1
ArtifactTypeType of artifact on which operation was performed. Example: SendPort, ReceiveLocation, etc.
ArtifactNameUser configured name of the artifact. Example: BatchControlMessageRecvLoc
OperationNameAction performed on the artifact. Example: Ports: Create/Update/DeleteService Instances: Suspend/Resume/TerminateApplication resources: Add/Update/RemoveBinding file: Import
PayloadContains information about what is changed in JSON structure. Example: {  “Disabled”: 0 }  
CreatedDateTimestamp when the operation was performed Example: 2020-11-27T09:21:48.55Z

How to view the audit logs?

The easier way to access the BizTalk Server Audit logs is to access the Audit Logs REST service using your browser by using the following URL:

  • GET http://localhost/BizTalkOperationalDataService/AuditLogs

This will provide a JSON response containing all the latest logs. 

For a better user experience, you could use a tool like postman to interact with this service:

You can also define a date range to retrieve the desire logs. For that you should use the following query parameters:

  • fromDate: beginning date, for example, 2020-12-01T01:00:00
  • toDate: end date, for example, 2020-12-03T01:00:00

GET request example:

  • GET http://localhost/BizTalkOperationalDataService/AuditLogs?fromDate=2020-12-01T01:00:00&toDate=2020-12-03T01:00:00

Supported date formats are: yyyy-MM-dd or yyyy-MM-ddThh:mm:ss.

Author: Sandro Pereira

Sandro Pereira lives in Portugal and works as a consultant at DevScope. In the past years, he has been working on implementing Integration scenarios both on-premises and cloud for various clients, each with different scenarios from a technical point of view, size, and criticality, using Microsoft Azure, Microsoft BizTalk Server and different technologies like AS2, EDI, RosettaNet, SAP, TIBCO etc. He is a regular blogger, international speaker, and technical reviewer of several BizTalk books all focused on Integration. He is also the author of the book “BizTalk Mapping Patterns & Best Practices”. He has been awarded MVP since 2011 for his contributions to the integration community.

Leave a Reply

Your email address will not be published. Required fields are marked *

turbo360

Back to Top