Custom Audit Fields Reference

Custom audit fields are per-site, user-defined fields scoped to a specific device type. They extend the audit data model with values you collect yourself — through native audit collection, a PowerShell script, an SNMP OID, or manual entry — and surface alongside the built-in fields in Inventory grids, reports, and change tracking.

Where they live

Admin Center > Site Settings > Customization > Custom audit fields. The grid groups records by Device type and exposes the columns: Name, Label, Type, Device subtype, Description, Filling method, Script (hidden by default).

Fields

Field	Type	Values	Default	Description
Name	string	Identifier characters	—	Internal identifier used in API and scripts.
Label	string	Free text	—	Display text shown in Inventory grids and on the device form.
Description	text	Free text	empty	Free-text description of the field's purpose.
Device type	enum	Windows computer / SNMP device / EC2 instance / …	—	Required. Determines which device records carry this field.
Device subtype	enum	Printer / Switch / Other (SNMP only)	—	Required for SNMP device fields; constrains the field to a specific SNMP subtype.
Type	enum	Memo / String / Table / Logical / …	—	Data type of the value. The available enum depends on the device type — SNMP supports Memo and String; Windows supports a broader set including Table and Logical.
Filling method	enum	Native audit / Script / Manual	—	How the field is populated (see below).
Script	text	PowerShell (Windows) or OID (SNMP)	—	Required when Filling method = Script.

Filling methods

Method	Used for	Notes
Native audit	Values that AlloyScan can read through its standard audit pipeline.	No script required.
Script	Values that need a script to be collected.	For Windows fields, the script is PowerShell. For SNMP fields, the script is an SNMP OID (with MIB-based OID selection available).
Manual	Values entered by a person rather than collected automatically.	The field is editable on the device form.

Note: Details may vary by deployment.

Constraints

Custom audit fields are scoped to a single Device type (and to a Device subtype for SNMP). A field defined for Windows computers does not appear on macOS, Linux, EC2, or SNMP devices.
Values are populated on the next audit after the field is created. Existing snapshots are not retroactively re-audited.
Custom audit fields integrate with Change tracking: the Custom audit fields category on Admin Center > Site Settings > Settings > Change tracking lists each field as a sub-attribute that can be ticked to track value changes.
Custom audit fields appear as columns in Inventory grids, as filter / Group By targets in saved views, and as columns in Reports exports.
Only Administrators create, edit, or delete custom audit fields.

Per-device-type type matrix

Device type	Type options	Filling method options	Typical script
Windows computer	Memo / String / Table / Logical (and others depending on deployment)	Native audit / Script / Manual	PowerShell
SNMP device (Printer / Switch / Other)	Memo / String	Script / Manual	SNMP OID
EC2 instance	Subset depending on deployment	Native audit / Manual	—

Note: Confirm the exact type and filling-method enum per deployment.

States

A custom audit field has the following implicit states:

Defined, not yet collected — the field exists; no device snapshot has provided a value yet.
Populated — at least one device has a value collected via the configured filling method.
Stale — the value persists from a previous audit; if the next audit cannot collect a fresh value, the previous value is retained rather than blanked.

Device form Reference — where collected values appear on the device
How to create a custom view — show or filter custom field columns
PowerShell Examples for Custom Audit Fields — sample scripts for Windows custom fields
About Inventory — how custom fields fit alongside built-in audit data