locked
Logging/Auditing RRS feed

  • Question

  • Hi,

    I would like to know how the logging capabilities of SharePoint have been improved.
    Will file/list item/list/web/site collection deletions be logged anywhere? Permission changes logged?
    We have a really hard time trying to track down who made an action when users complain that they lost their data, or that somebody removed a member from the team, etc.
    Please note that we are using WSS 2.0... ehm.

    Thursday, October 22, 2009 7:41 PM

Answers

  • In 2010 (Server) on Documents and Items you have:

    Opening or downloading documents, viewing items in lists, or viewing item properties
    Editing items
    Checking out or checking in items
    Moving or copying items to another location in the site
    Deleting or restoring items

    and on Lists, Libraries, and Sites you have:

    Editing content types and columns
    Searching site content
    Editing users and permissions

    You also have the ability in 2010 to enable Audit Log Trimming which includes storing the current audit data in a Document Library.

    ULS is improved through several facets including the introduction of a new and extensible Logging database, configurable noise suppression (Event Log Flood Protection), throttling, correlation Ids, and control of the amount of disk space used by logs as well as native compression of said logs - at the end of the day you can expect an approximate 50% savings in size of ULS logs as a result.

    IRT to Web Analytics I'm happy to answer any questions I can.


    Bill Baer
    Friday, October 30, 2009 6:37 PM

All replies

  • Auditing should provide the bulk of the information you are seeking to capture, both in 2007 and 2010 respectively.  IRT to usage logging and/or analytics, please let me know if there is a specific question I can address.
    Bill Baer
    Thursday, October 29, 2009 9:16 PM
  • Lets make sure we are comparing apples to apples. The orignal post states they are using WSS 2.0. I don't believe that WSS 3.0 has Auditing capabilities that you looking at (I know MOSS 2007 does).

    That leads to the Core question "Does SharePoint Foundation 2010 have the ability to Audit user actions including opening documents, editing permsions, etc.?". I would also be interested in knowing if there are differences in the logging (which has been stated is drastically improved) between SharePoint foundation 2010 and SharePoint Server 2010.

    I am also excluding any IIS Logs, Google analytics, etc. where you can gather some of this type of information since that is not really "within SharePoint".

    THanks
    Eric VanRoy
    Friday, October 30, 2009 5:54 PM
  • In 2010 (Server) on Documents and Items you have:

    Opening or downloading documents, viewing items in lists, or viewing item properties
    Editing items
    Checking out or checking in items
    Moving or copying items to another location in the site
    Deleting or restoring items

    and on Lists, Libraries, and Sites you have:

    Editing content types and columns
    Searching site content
    Editing users and permissions

    You also have the ability in 2010 to enable Audit Log Trimming which includes storing the current audit data in a Document Library.

    ULS is improved through several facets including the introduction of a new and extensible Logging database, configurable noise suppression (Event Log Flood Protection), throttling, correlation Ids, and control of the amount of disk space used by logs as well as native compression of said logs - at the end of the day you can expect an approximate 50% savings in size of ULS logs as a result.

    IRT to Web Analytics I'm happy to answer any questions I can.


    Bill Baer
    Friday, October 30, 2009 6:37 PM
  • Why can't people, if they do reply, provide an exact answer? I've been searching the web all over to find the answer to a question:

    Does SharePoint Foundation 2010 provide an out-of-the-box auditing capabilities?

    There is a reference that it does:

    http://office.microsoft.com/en-us/privacy-supplement-for-microsoft-sharepoint-designer-2010-HA101108410.aspx (See the SharePoint Foundation 2010 Auditing paragraph)

    However, looking all over the administration page, Site Settings etc. I could not find an option to turn this on in SharePoint Foundation 2010 (those options are there for SharePoint Server 2010).

    There is also a possibility that it has to be turned on by code, like it was for WSSv3. Is that the case?

    Wednesday, January 12, 2011 2:35 PM
  • Hi, 

     

    Kamil Jurik is wrong. You can enable auditing in SharePoint 2010 Foundation. It can be done:

    a) in code using SharePoint API

    b) using PowerShell

    There is no user interface to enable audit, like it is in SharePoint 2010 Server, but you still can enable audit.

    Please look here for reference:

    http://msdn.microsoft.com/en-us/library/bb418729(v=office.12).aspx


    Slava G
    http://wyldesolutions.com
    http://wyldesharepoint.blogspot.com
    Thursday, June 23, 2011 2:02 AM
  • Shameless plug: you can also use LOGbinder SP which enables auditing on Foundation, exports audit events to the Windows event log and trims the SharePoint audit log. www.logbinder.com
    Randall F Smith
    Thursday, July 14, 2011 1:11 PM