Issue
Description
By default, the system prohibits using the vast majority of system tables (tables with a prefix of sys) as the table data source of reports. This is for a variety of reasons, mainly due to the fact that most system tables are some of the target in the instance and reporting on such tables can have performance impacts on the instance. The system tables that are, by default, set to prevent being used as a reporting data source include, but are not limited to, the following:
- sys_audit
- syslog_transaction
- sys_attachment
- sys_email
- syslog
- sys_history_line
- syslog_app_scope
However, in certain cases the need may arise to report on one or more of these system tables. Alternatively, a system table may have been previously removed from said list and will need to be re-added to prevent it from appearing as a potential data source for creating reports.
This behavior is controlled by a specific system property with the name glide.ui.permitted_tables. Any table name that begins with the three characters sys and is NOT in the list of values set for this property will thusly be unable to be selectable as a table name when a user is selecting a table as the source for any report. This article will describe the steps needed to add or remove a table from this system property to allow or disallow reporting on that table.
Procedure
Log into the instance with an account having admin rights to the instance.
Browse to the following location on the instance: System Properties -> UI Properties.
The UI Properties page will appear.
Locate the property on the page with the heading List of system tables (beginning with "sys_", comma separated) that are reportable. By default, system tables are not reportable.
The text field below the heading will contain a comma delimited list of table names that, although they begin with the prefix sys can still be selectable as the table source for a report in the reporting interface. Thus, any report name that is found in the list can still be selected to allow reporting.
To add a new report to this list of allowable system tables for reporting, simply click in the text field and use the arrow keys to move the cursor to end of the value that is currently shown in the field. After the last text which is currently already found in the field, add a comma and the exact name of the system table for which you want to allow reporting (i.e. ",sys_email").
Similarly, to remove an existing table name in the field, locate the field name in the string and remove the full table name as well as the trailing comma.
Once all the changes have been performed to this list, click one of the Save buttons, one can be found at the upper right of the form and the other at the bottom of the form.
Once these steps have been completed, the reporting list will then be modified such that the the report interface will reflect the changes to the system tables that are either added to or removed from the reporting interface.
As indicated previously, the built-in system tables can be quite large and reports on these tables can potentially cause performance issues or take a long time to render, thus caution should be exercised when modifying this list to ensure no issues are caused. In addition, the audit related tables can sometimes contain data which a user may not normally have access to, so care should also be taken when determining which tables or data from those table might be viewed in a report by end-users.
Additional Information
This list of allowable system tables for reporting access is actually contained in a specific system property, with the steps above using a special properties page to update the value. The property could also be updated directly by accessing the sys_properties table directly and editing the value of the property with the name glide.ui.permitted_tables.
The following ServiceNow Docs site page gives additional information regarding the procedure to update this property as well as data regarding reporting on system tables: