FujiForty - Application Auditing Who Done It

I expect the soon to be released ServiceNow store and the hype at Knowledge15 to increase the number of 3rd party integrations and applications that will be deployed to customer instances. So there will be more record creation and updating by user accounts that may not exist in that instance. 

While this doesn't present a huge problem it could make reviewing the "Created by" and "Updated by" fields as well as audit history a little confusing. Take for example, a vendor application delivered through the store. The vendor did all of their development using the default admin user account. When the customer looks at these field values it's not very easy to tell whether they were updated by the vendor admin or customer admin account.

Another confusing scenario would be an auditor looking at a record history and seeing a user name like "john.roberts" but they can't find a user with that ID in the user table. They won't know if the user was deleted or just existed in the instance where the development occurred.

Sure you could track down update set records or list of local customizations to determine if it was a vendor or customer change but it would be nice to quickly see more useful information.

One option for 3rd party application developers is to create a user account with an ID that clearly identifies your company.

We can now see that this record was created by CAVUCode and since modified by our customer admin. 

But this doesn't allow you to track auditing and accountability during the development cycle since all developers would need to log in with the same account.

A better option would be to reset the system fields before you publish your application. Here's a sample script that could be run from background scripts to reset the created and updated by fields on all records in a table. This is available as of patch2 hf1.

//run in global scope as background script
var vendorName = "--CAVUCode--";
var appID = "---AddAppSysIDHere---";

updateAppFiles(vendorName, appID);

function updateAppFiles(vendorName, appID) {
   var gr = new GlideRecord("sys_metadata");
   gr.addQuery("sys_scope", appID);
   gr.addQuery("sys_updated_by", "!=", vendorName);

   while (gr.next()) {
      gr.sys_created_by = vendorName;
      gr.sys_updated_by = vendorName;
      gs.print("Updated " + gr.getDisplayValue("sys_class_name") + ": " + gr.getDisplayValue());

Reading my crystal ball: I've been discussing an enhancement with ServiceNow that could be used by developers submitting apps to the store that would reset all created and updated by fields in bulk with your company name, vendor code, or app scope name. It's not yet clear what the options will be but it will allow you to easily set all records in your app to the same value without having to worry about running a script on every table in your app every time you want to publish. Hopefully this will make it into a patch in the near future.