Configuring Auditing in SharePoint 2010
Auditing comes out of the box in SharePoint 2010. Although there is nothing to prevent you from doing so, auditing is not the tool to use to track what users are doing to satisfy curiosity. Auditing is something you do because you have to. It is something you are required to do in order to be compliant with a law, or standard, or some business rule. As long as we understand what we are required to audit, it's so easy to set up, even the fictional character The Mangler would do it, and he isn't one to want to comply with anything.
If you are interested in seeing how people are using your site collections and or sites, the built in Web Analytics tools are awesome in SharePoint 2010 and should give you everything you need there.
Auditing can be configured for a site collection, a list or library, or based on a content type as part of an organizations information management policy.
There are of course a few ways of going about this but I'm going to keep it simple.
In this blog I have created a site collection and based it on the Team Site template. I will configure auditing on the Shared Documents library.
I will configure auditing on the following:
- Opening or downloading documents, viewing items in lists, or viewing item properties.
- Editing Items
- Checking out or checking in items
- Moving or copying items to another location in the site
- Deleting or restoring items.
You will have to be a Site Collection Administrator in order to complete all the tasks in this blog.
Library Settings
I click on Library > Library Settings in the Shared Documents document library.
Information Management
I click on Information management policy settings
Content Type
I click on Document since that's what I'm auditing.
Enable Auditing
I select the checkbox next to Enable Auditing
Select Events to Audit
I select the events to audit by checking the box next to them. In this case I check all of them and then I click OK.
Verify
I verify the fact that Document has a Custom policy attached to it.
Test
I added a bunch of documents to the Shared Documents Library, checked some out, deleted some, and restored them so now I'll check the audit log reports to make sure it's working. To do this I'll go Site Actions>Site Settings
Audit Log Reports
I click on Audit Log Reports in the Site Collection Administration section.
Deletion
I can choose any of the reports that I want but if there is no data I will get an error saying there is not data. Since I know that I deleted and restored some items I'll choose Deletion.
Save Location
I'll save this report to the Shared Documents Library, however in production this is where I create a document library with unique permissions so only Site Collection Administrators can see the contents. I click on Browse.
Shared Documents
I select Shared Documents and click OK.
Click OK
I click OK
View Report
I click to view the report.
the Big What Moment
I see a summary of my actions. The really important information however is in the Report Data Worksheet Tab so I click that at the bottom of the workbook.
View Data
This is the report data that can be tied into IIS logs and supply any required information.
There is much more to auditing but this is a good start. It's boring but it works.
Enjoy!
Spike Xavier
SharePoint Instructor – Interface Technical Training
Phoenix, AZ
A Simple Introduction to Cisco CML2
Mark Jacob, Cisco Instructor, presents an introduction to Cisco Modeling Labs 2.0 or CML2.0, an upgrade to Cisco’s VIRL Personal Edition. Mark demonstrates Terminal Emulator access to console, as well as console access from within the CML2.0 product. Hello, I’m Mark Jacob, a Cisco Instructor and Network Instructor at Interface Technical Training. I’ve been using … Continue reading A Simple Introduction to Cisco CML2
Configuring Windows Mobility Center and How to Turn it On and Off
Video transcription Steve Fullmer: In our Windows training courses, we often share information about the Windows 8.1 Mobility Center. Mobility Center was introduced for mobile and laptop devices in Windows 7. It’s present and somewhat enhanced in Windows 8. Since we don’t have mobile devices in our classrooms, I decided to take a little bit … Continue reading Configuring Windows Mobility Center and How to Turn it On and Off
OSPF Adjacency Troubleshooting Solution – Getting Close to the OSPF adj
In this video, Cisco CCNA & CCNP instructor Mark Jacob shows how to troubleshoot OSPF Adjacency issues by showing the distance between routers with the show ip ospf neighbor command.
Write a Comment
See what people are saying...