Tuesday, September 18, 2012

Configure audit settings for a individual List/Library


So far we have seen in my previous articles how to “Configure Audit Setting for Site Collection” and “Viewing Audit log report”. 

SharePoint audit policy can be enabled at site collection level setting but this may lead in many problems potentially generate a large number of audit events, particularly when the setting for viewing items or item properties is enabled and leading to either not being able to get the events you need for important lists or libraries or else enabling too much auditing and getting way to many events.

Thankfully in SharePoint 2010, Microsoft has provided the auditing on specific document libraries or lists.

At the list and library level we have a variety of activities that can audit including:

  • Viewing
  • Editing
  • Deletion
  • Check in /Check out

List/library level audit policy is extremely important when it comes to auditing who is viewing confidential information. If you enable View auditing at the site collection level you end up generating events for every page click by every user throughout the entire site collection which will create a load on resources.

Configure audit settings for a individual List/Library

  1. On the site collection home page, select List or Library from Quick Launch or Site actions > View All Site Content.
  2. On selection of List/Library click on List/Library setting icon on ribbon.
  3. Select “Information management policy settings” link under Permissions and Management.
    image1
  4. if your list has content type then it will display folder and content type (s) to select on which we can apply the audit policy.

    image3

    image2
  5. For instance a normal document library will have 2 content types: Document and Folder. Click on a content type and configure auditing. In the example below I’ve enabled auditing of any type of view and download access since this is a library contains confidential information.
    image4
  6. once you select Ok, SharePoint will begin auditing those actions on that particular list or library.
  7. you can use “Audit Log Report” to see individual List/Library audit report.

You can also see,

Posted by at No comments:

Thursday, September 13, 2012

Viewing audit log report


As we have seen in my previous article how to “Configure Audit Setting for Site Collection”. when we enable auditing, whenever there is any action on any list/library present in the site collection according to the Audit setting for site collection events will be logged in audit data. There many out of box options available to view this audit data. we will see in this article how to use them.

  1. On the site collection home page, click Site actions, point to Site settings, and then click Modify All Site Settings.
  2. On the Site Settings page, in the Site Collection Administration section, click Audit Log Report.

    Image1
  3. One can use these following excel out of box reports to view Audit Log data collected for this Site Collection.

    Image2
  4. Each Excel type report can be customized to save in specific library by clicking on the each link.
    e.g. if you select “Content Viewing”

    Image3
  5. Type or Browse to the library where you want to save the report and click OK
  6. On the Operation Completed Successfully page, click click here to view this report.

To Manually specify the filters for your Audit Report

  1. Follow 1 to 3 step as above
  2. Select  “Run a custom report” under “Custom Reports”.
  3. Select the proper filter

    Image4
    1. File Location: Select document library where the report will be saved
    2. Location:  Select “All Lists” or single “List” to filter the audit data for report.
    3. Date Range: Specify the date range to filter the audit data.
    4. User: Specify the selected users only to filter the audit data.
    5. Events: Specify the selected events only to filter the audit data.
  4. On the Operation Completed Successfully page, click click here to view this report

You can also see,

Posted by at No comments:

Sunday, September 09, 2012

Configure audit settings for a site collection


Auditing enable us to capture action taken on various object in SharePoint such as Adding, editing, deleting, check in and check out etc. Administrator can review these audit information to produce various reports for business requirement and records management.

Site administrator can track various documents in libraries throughout the site collection. Administrator can generate a customized audit report about an individual record, item, column, content type, search or permissions. Predefined reports in excel can be used to review the audit log.

The audit log can captures the following information for the events that are selected to be audited.

  • Item name and location
  • Site from which an event originated
  • Item type (for example, list or document)
  • User ID associated with the event
  • Event date and time
  • Action taken on the item

There is no way by which you can modify the added entries where as Administrator can delete unwanted entries using SOM.

Configure audit settings for a site collection

  1. On the site collection home page, click Site actions, point to Site settings, and then click Modify All Site Settings.
  2. On the Site Settings page, in the Site Collection Administration section, click Site collection audit settings.

    Image1
  3. On Audit Setting page, select appropriate option for your site collection

    Image2
    1. Audit Log Trimming:
      1. Select “Yes” if you want to control the size of audit log. The schedule for audit log trimming is configured by your server administrator.
      2. You can also specify the number of days of audit log data to retain, this means if you specify the 3 days then only last three days log will be kept in audit log.
      3. This also provides the facility to copy your audit log data in specified particular document library before trimming started by job.
    2. Documents and Items: Here you can specify the events that we need to capture for Documents or List/Library Items.

      Following are the events that you can on/off on List/Library Items.

      • Opening or downloading documents, viewing items in lists, or viewing item properties
      • Editing items
      • Checking out or checking in items
      • Moving or copying items to another location in the site
      • Deleting or restoring items

    3. Lists, Libraries, and Sites: Here you can specify the events that we need to capture whenever there is change on List, Library, Sites or Content Types.

      Following are the events that you can on/off on Lists, Libraries, and Sites

      • Editing content types and columns
      • Searching site content
      • Editing users and permissions

  4. When you select an event to be audited, It will be audited for every item in the site collection each time the event occurs.

Note: This can potentially generate a large number of audit events, particularly when the setting for viewing items or item properties is enabled.

You can also see,

Posted by at No comments:
Subscribe to: Posts (Atom)