Auditing your NetSuite Customizations and Configurations

If you’re reading this, you might have been bitten by a recent breaking script change, wasting precious time identifying who changed what. Or possibly, you’ve been tasked with setting up regular audits of the ERP to remain compliant with regulatory requirements, something you’ve been putting off for ages. Or maybe, you’re just curious, keen on snooping about or trying to be ‘proactive’ (in which case, congrats!) and want oversight into all NetSuite script and object changes.

Either way, I’m sure you already appreciate the importance of setting up NetSuite version control, and maintaining an audit log of your NetSuite scripts, objects and settings, so I’ll spare you the boring background and boilerplate intro.

The goal of this article is to show you how you can get it done. A video going through everything in this post is included at the end.

Read on to find out how in just a few, simple clicks, you can set up an industry standard change log for your NetSuite Customizations, with no knowledge of all the NetSuite APIs and services you’d need to build one from scratch. In a future series of articles, we might even show you how all this could be achieved natively in NetSuite. Today however, we’ll be using Bundlet, which does all the heavy lifting, and combines results from multiple services into one searchable, centralised view.

In a few simple steps you can achieve the following:

• A configurable scheduled sync of your NetSuite account’s customizations and configurations
• A repository in Git, tracking every script, object and configuration change, acting as a change log, as well as a backup of the NetSuite account.
• A summary listing of every sync, detailing how many files were: modified, newly added, removed, or simply remained the same.
• A detailed file explorer for every sync, allowing you to drill down into the specifics of each customization change, which will help you answer the following questions:
  • what was flagged for syncing
  • what failed
  • what changed
  • when, and by whom.
• A push notification to a dedicated Slack channel, summarizing the results of every sync, and over time turning into yet another useful view for tracking periodic changes.

‍

What data is covered?

It’s important to preface what follows by clarifying exactly what customizations and configurations are, and what kind of data Bundlet picks up.

By Customizations I mean SuiteScripts, and Custom Objects.  This is your bread and butter for customizing NetSuite, implementing custom business processes and creating integrations to other systems.  Needless to say, it’s good to know when any of these files are modified and as you will see, identifying script differences in NetSuite becomes easy as pie.

By Configurations I mean account-wide settings like Enable Features, Accounting Preferences, General Preferences, Company Information etc. Changes to these settings can have huge implications on account functionality and in some cases a financial impact too.  NetSuite does not provide audit logs for all settings classifications, however using Bundlet, changes to any of the preference groups will be flagged in a scheduled sync diff as they happen.

Bundlet does NOT track customer, transaction or any data of that nature.  Our focus is purely on customizations, understanding how these are changing over time, and tying them to dates and authors.

‍

Setup

A scheduled sync can be set up in 3 easy steps:

Set Schedule

After connecting your NetSuite account, you need to configure the Schedule for the Customization Sync.

Set Scope

You also need to specify which Customizations and Configurations you’d like to track. Select any and all of the following types:

• Custom Objects (custom fields, forms, workflows, roles etc.)
• Settings (enable features, company preferences, accounting preferences etc.)
• SuiteScripts

The account sync will then only include what you configure in the above scope. In most cases, you would just include everything.

‍

Configure Git

A pull request will be opened with the results of the scheduled sync to the repository you have linked in Bundlet. Choose whether to merge it automatically, or leave it open for review, and configure the commit message to be used and whether you’d like to decode zipped objects.

And you're done! Bundlet will run on the schedule configured above, and start accumulating a detailed history of how the scripts and objects are changing over time.

‍

The Sync History page summarises details of every sync. Quickly identify scripts and objects which were:

• added
• removed
• remained the same
• modified

If Git was configured, a pull request will be opened with the same changes:

And the results are also optionally posted to a Slack channel you also configure in Bundlet:

Sync Explorer

Clicking into one of the scheduled syncs will open a newly released Customization Explorer and will give you a closer look at everything that was picked up in the sync.

‍

On top, you can see what time window the scheduled sync covered (this should correspond to the frequency you set up in Step 1, unless of course you have triggered an on-demand sync). It provides a convenient view for understanding more about all NetSuite script changes within the given time period.

This component is essentially a NetSuite file comparison tool, and audit trail on steroids.

Here are just some of the things you can do from this view:

Filter on any of the columns to drill down into a subset of objects. For example, you might not care about scripts and objects which didn’t change, so you can filter on Diff Type to only display modified files. Or you may want to filter the table to only show Locked Objects, or only those files which SDF failed to pick up and understand the reasons why.

Use the inline Quick Links:

to open every file and object directly inside NetSuite. Anyone who's worked with NetSuite trying to navigate to certain objects knows how painful this can be. (Go to Customizations > Lists > Transaction Body Fields, wait for the page to load, sort by name or script id, access the right page, etc, etc.) From this view, you can search for any object, file or setting using the quick filter, and navigate directly to it’s page in NetSuite using the quick link. Handy.

You can include audit trail information in the table, which will not only give you visibility into what changes were made to which scripts and objects, but also who made those changes, and when.  So for example, you could search the table by employee name, to bring up:

• All scripts and objects modified by that person within the given time frame,
• The exact changes that were made in the diff view, overlayed with the person who made those changes, aka Blame line
• Links to the objects in NetSuite for further analysis and system note viewing

‍

By making use of all the APIs NetSuite gives you for pulling customization and audit data, and leveraging the power of Git and version control tools, Bundlet enables you to set up daily, automated syncs of your NetSuite accounts. This approach allows for quick monitoring, easy querying and archiving of data, simplifying the process of auditing your NetSuite Customizations and Configurations, making it one less thing for you to worry about.

Video run through:

‍