Custom Audit

The Custom Audit namespace is used to manipulate records before they are moved to the audit log database. It adds transaction log SQL statements to be executed against the database.

The Custom Audit namespace implements the following procedures:

Procedure	Description
Audit	Adds SQL statements to the transaction log for execution against the audit log.

To successfully execute Custom Audit namespace, the computer's Active Directory user account, MPFServiceAcct, must have access permissions for any tables and stored procedures that might be affected by the SQL commands.

Custom Audit namespace acts only on data previously marked for auditing. If the audit log database does not contain the expected data, it is possible for a provider to return data successfully but to not yield the desired results. You can use Provisioning Manager to modify the audit level of each procedure.

Caution

All MPF databases, including MPFConfig, MPFAudit, MPFTranLogData, MPFSample, and Resource Manager, are SQL databases. The only database you should access directly in SQL, however, is the MPFAudit database. Directly accessing the MPFConfig, MPFTranLogData, MPFSample, and Resource Manager databases can cause database corruption, transaction processing errors, and the loss of data. Access these databases using Provisioning Manager or Configuration Database Windows Management Instrumentation (WMI) Provider only.
This is a read-only namespace. It cannot be modified in Provisioning Manager and should not be modified or deleted outside of Provisioning Manager.

For more information about configuring the audit level, see To change the audit level for provisioning engines.

The Microsoft Provisioning Framework Software Development Kit (SDK) contains additional resources to help you implement the Custom Audit namespace. For more information on the SDK and how to use it, see Microsoft Provisioning Framework SDK.