For various reasons you may have a business requirement to track user activity within the platform such as to confirm actions that have or have not been taken by specific users.

Having reviewed available OOTB data the sys_audit table might initially look like a good solution to this requirement but in reality there are several limitation that should be reviewed first.

As described within the official documentation the audit functionality within the ServiceNow platform is designed to:

"Track record changes on auditing-enabled tables. By default, the system tracks changes to the incident, change, and problem tables, among others."

Key to this statement is that it only records audit data for 'enabled' tables and furthermore you can also specify fields that are not audited

This highlights the biggest reason not to use sys_audit to track user actions:

• Any update to a table or field that is not configured for auditing will not be recorded and cannot be reported on

As such, while it might highlight some information on user activity, it will not provide the full picture

Supplementary to this are two other issues that need to be considered:

• It is not sustainable to configure auditing on all tables & fields due to the potential volume of retained data
• Out of the box the sys_audit table is only intended to be queried in specific ways, so reports on user activity may be very slow due to a lack of supporting indexes

Alternative Approaches

The best implementation of a feature of this nature would require customisation of your instance to suit your business requirement exactly

One option could be to review the creation of business rules designed to create custom events when monitored actions occur, for example creation of a incident.

These could then be processed to generate entries into a custom activity table designed to specifically for your reporting needs

ServiceNow Professional Services teams are always available to assist with the development of customised solutions such as this, and can be contacted via your Account Manager to discuss in further detail

Additional information on the Audit feature is available in the following product documentation:

https://docs.servicenow.com/bundle/newyork-platform-administration/page/administer/time/concept/audited-tables-2.html