A question I get often, especially around solutions where security is a big concern is “how can we see who looked\opened\updated\deleted an item in our document library. Updates, are easy if you have versioning enabled as it tracks each update in the version history, but what if you don’t want versioning enabled or you need to track the other items? Enter SharePoint audit reports. I previously blogged a detailed post on the audit logs within SharePoint. Basically, once enabled they will record everything that occurs within the site depending on the settings you select. You can find more information on it here. However, the problem with audit reports is you need site collection admin access to see them. This does not work in many instances as most end users don’t (and shouldn’t) have that level of access to your site collection. So how do you get them the reports without manually running the report for them each time they require it? This is what we are going to cover in this series. This post specifically will assist you in preparing the data for your users from the SharePoint GUI.
Quick Note: this may be an old topic, in fact I know it is. I started this blog two years ago and apparently forgot about it. I was going to trash it when I came across it but remembered that I still see a number of requests for setting up audit reports to automatically run for others. So I decided to complete it since it is still relevant for all versions of SharePoint including SharePoint Online
Pre-Configure is the Only Way to Go
As the heading states, you can only auto-generate a report if you pre-configure it. This is because the users that want to view the data don’t always have admin roles and you usually don’t want them to. So the option is for you to pre-configure the reports and send them to a location they can access. One thing to note: using the GUI you can only generate a single report. You can’t create multiple reports that gather different data. So my recommendation is you extract all the data and they can filter it as they require. Remember though that this means everyone is going to see all the data. Make sure that only the users that should be able to see all the data get access to these reports.
Auto-Generate SharePoint Audit Reports
So since you need site collection admin access, it’s pretty obvious that you will also need to do this from the site collection admin page. So start there and under Site Collection Administration you can click on Site collection audit settings.
SharePoint On-Prem and Online Site: O365 Group:
Next set up the following options:
- Set Automatically trim the audit log for this site to Yes.
- If you wish the report to cover a certain number of days, enter that in the next text box
- Select where you wish to store the reports. Make sure it is in a document library that only the required users have access to.
- Because you can only create one report, I select specifying all the items to be trimmed.
One important note before I finish the blog. With this enabled, you won’t be able to create ad-hoc reports (whenever you want) after the data has been trimmed. So if you are looking for information that occurred 35 days ago, you will have to go to the report generated. This method isn’t a true report generation so much as exporting of the logs to a different source.
Comment below if you have any questions. I am going to be posting some other options around generating audit reports in a future post or two.
Thanks for reading!
Comments
Thanks David, good post. I will try it out in one of my Sharpoint Online sites. It will be great if you could also add a sample view of what the report looks like and whether you can connect it to something like Power BI.
Great ideas Jose. I’ll look at doing the report example in my next post. I also hope to do a post in the near future on integrating PowerBI with SharePoint logs.