The adventure of today is: Auditing Sharepoint!

Did you know that Sharepoint can generate audit reports ?

Ok for me those tools are more logging than auditing, but as the Sharepoint’s terminology call that Audit, I will call it like that.

From my point of view the contents of the reports are impressive FOR a out-of-box solution, maybe after learned the feature of those you will tell: “I know better tools for auditing an intranet”.

And you will be right, but your solution or tool will probably be more expensive than using the OOB tools because it will be from third parties or custom dev, but there will be maybe more accurate or provide a real analysis than just data.

So to make it short what does that auditing tool ?

You can generating reports at documents or item level, you can log:

• Opening or downloading documents, viewing items in lists, or viewing item properties
• Editing items
• Checking out or checking in items
• Moving or copying items to another location in the site
• Deleting or restoring items

And list, libraries and sites you can log:

• Editing content types and columns
• Searching site content
• Editing users and permissions

Now the important question is how can you use it ?

First you have to choose what to log, to do it, simply go into the “Site Settings” and in the column “Site Administration Collection” you will find the item “Configure Audit Settings”.

Here you can check everything you want.

Configure Audit Settings

After you will have all configured, you can check the reports, the big surprise is that they are generated in .xml, a very good point, because you can open it with exel and easily create charts, use pivot table and other funny things.

Here is the list of full proposed records.

View Auditing Reports

You can in the screenshot, that you can customize more the settings of the auditing reports,  you can choose to log a specific list or site for example.

I’ve applying a log on the deletion action, uploaded some file in a doclib a deletem them, here is the generated reports about the deletion:

Deletion Report 1

The first tab is an overview with only the count of deleted items and their location in the portal.

The second tab (Report Data), tell more details, like who has deleted the docs and when, which is more useful to trace what really happen on the portal.

Deletion Report 2

Hope you have found that post interesting.