Auditing the SharePoint Server is required to keep a check on the activities of the users and the states of the shared documents. In addition, it also lets an organization to comply with the regulatory standards of different compliances such as PCI DSS, HIPAA, GLBA, and FISMA. One can audit the SharePoint Server either using the native method or third party tools. Auditing the SharePoint using the inbuilt method is not easy because the records are being stored in the form a table inside the connected SQL Server database. The user first has to enable the auditing and then fetch the reports. Let us have a look at the steps involved in auditing the SharePoint through native method to figure out the involved complexities.
Enabling the Auditing
The native auditing of SharePoint can be enabled only for one site collection at a time. Enabling the auditing of a SharePoint environment containing thousands of site collections, sites, and subsites is a time consuming and cumbersome task.
Fetching the Auditing Reports
You’ve to perform the following steps to fetch an auditing report for a site collection.
Crashing Situation
What happens when the SharePoint Server crashes? You’re not able to access the auditing reports through the native Central Administration console. In fact, there is no way to open the Central Administration URL if the server has crashed. In addition, there is no precise way to know what all changes have caused this crashing situation.
What’s the solution?
A third party tool is required to perform the auditing of a SharePoint Server. It should deliver a user-friendly interface and easy operations to collect the logs and show auditing reports. LepideAuditor for SharePoint(http://www.lepide.com/sharepoint-audit/) is such a tool that lets you audit the SharePoint Server without much difficulty. Not only it is very easy to add the SharePoint Server in it for automatic log collection, but also its generated reports are presented in a user-friendly format with different filters. The reports and very recent changes are accessible even if the SharePoint Server has crashed. This will let you notify the crucial changes responsible for the crashing of SharePoint.
Enabling the Auditing
The native auditing of SharePoint can be enabled only for one site collection at a time. Enabling the auditing of a SharePoint environment containing thousands of site collections, sites, and subsites is a time consuming and cumbersome task.
- Visit the Site Administration URL in the browser.
- Go to the Site Settings and click “Audit Settings Link”.
- Here, you’ll see an option for “Site Collection audit settings”.
- This will display the Configure Audit Settings panel. Here, you can select the events, which has to be audited. These are listed herein below.
- Opening or downloading documents, viewing items in lists, or viewing item properties
- Editing items
- Checking out or checking in items
- Moving or copying items to another location in the site
- Deleting or restoring items
- Editing content types and columns
- Searching site contents
- Editing users and permissions
Fetching the Auditing Reports
You’ve to perform the following steps to fetch an auditing report for a site collection.
- Go to the Site Actions menu and click “Site Settings”.
- “Go to top level site settings” link will be visible if you’re not at the root of a Site Collection.
- Click this link to go to the Site Collection Administration.
- Click the link “Audit Log Reports”. This will display the “View Auditing Reports” page, which contains the list of all auditing reports.
- Click on the report, which you want to access. This will display the option to save the report in a library on the SharePoint Server.
- Select the library where you want to save the audit report.
- Click “OK” button. This will save the selected audit report at the selected location.
- Once the report is saved, you’ll receive a message “Operation completed successfully”.
- Click the link “Click here to view the report”. This will display the audit report in Microsoft Excel.
Crashing Situation
What happens when the SharePoint Server crashes? You’re not able to access the auditing reports through the native Central Administration console. In fact, there is no way to open the Central Administration URL if the server has crashed. In addition, there is no precise way to know what all changes have caused this crashing situation.
What’s the solution?
A third party tool is required to perform the auditing of a SharePoint Server. It should deliver a user-friendly interface and easy operations to collect the logs and show auditing reports. LepideAuditor for SharePoint(http://www.lepide.com/sharepoint-audit/) is such a tool that lets you audit the SharePoint Server without much difficulty. Not only it is very easy to add the SharePoint Server in it for automatic log collection, but also its generated reports are presented in a user-friendly format with different filters. The reports and very recent changes are accessible even if the SharePoint Server has crashed. This will let you notify the crucial changes responsible for the crashing of SharePoint.