Auditing in MOSS 2007

by mderaeve 12. July 2007 05:12

MOSS 2007 auditing. In many cases it is useful to know how many times a document is opened.Sometimes even when and who? Moss 2007 offers auditing as a standard solution for this need. This is what Microsoft has to say about Auditing: Office SharePoint Server 2007 goes even further and enables auditing at the list or document library level, and control over what types of events should be recorded in the audit log. Office SharePoint Server 2007 also provides a reporting function that uses Microsoft Office Excel workbooks to display and keep records of audit logs. Therefore, Office SharePoint Server 2007 enables you to take advantage of the Windows SharePoint Services auditing support without having to write any custom code. In MOSS 2007 it is possible to track several events on list items.This is done with information management policies. Here’s a good definition about the extra’s Sharepoint server 2007 provides: Office SharePoint Server 2007 provides an administrative user interface that allows you to enable and configure auditing without having to write any code. And office SharePoint Server 2007 provides a reporting aspect. More specifically, Office SharePoint Server 2007 makes it possible to generate Excel workbooks that contain the information about audit events within the Windows SharePoint Services audit log.  So MOSS makes it easy for us to track and report usage of documents and lists. Here how Microsoft describes the configuration of auditing: 

We start by examining the built-in Office SharePoint Server 2007 support for configuring auditing within a site collection. Go to the site setting page of any site within a server farm that has Office SharePoint Server 2007 installed. You find that many links are added here by Office SharePoint Server 2007-specific features. Inside the Site Collection Administration section, locate a link with the caption Site Collection audit settings as shown in Figure 7.

 

Figure 7. Site Collection Administration

 

 

Clicking the Site collection audit settings link opens an Office SharePoint Server 2007-specific application page named AuditSettings.aspx. This page provides a user interface (Figure 8) for enabling and configuring auditing settings for the current site collection. As shown in the Figure 8, the AuditSettings.aspx application page makes it possible to configure site collection auditing at various levels of granularity.

 

Figure 8. AuditSettings.aspx page

 

 

In addition to configuring auditing at the site collection level, Office SharePoint Server 2007 also enables you to configure auditing at a much more detailed level. This support is made possible through the information management policies feature that is included in Office SharePoint Server 2007.

An information management policy consists of a set of rules that a site administrator can define and then apply to a certain type of content. The rules for an information management policy are created and configured in terms of policy features. Features that are provided by default with Office SharePoint Server 2007 include support for auditing, expiration, document labels, and bar codes. The programming model for policy features is also extensible, which allows developers to create their own custom policy features. For developer resources, see the appendix at the end of this article.

Office SharePoint Server 2007 enables you to create and configure an information management policy for a specific instance of a list or document library. You can also create an information management policy for a content type, which then applies to list items and documents in any list or document library that is defined in terms of that content type. The ability to apply information management policies to content types is valuable because it provides more granular control than site collection level auditing. It also mitigates the need to configure audit settings at the level of list instances or document library instances.

Office SharePoint Server 2007 also enables you to define information management policies at the site collection level. This provides extra manageability, because you can define an information management policy once within a site collection, and then apply it to your choice of lists, document libraries, and content types within that site collection.

The Site Settings page has a link with the caption Site collection policies. If you click this link, it opens an application page named Policylist.aspx. This allows you to configure a custom policy, which is scoped to the current site collection. Figure 9 shows an example of a custom policy that was created to configure a standard set of audit events that can be applied to any list, document library, or content type.

 

Figure 9. Custom policy page

 

 

After you define a custom policy at the site collection level, you can then go to the List Settings page for a list or document library. You find a link with the caption of Information management policy settings, as shown in Figure 10. If you click this link, it redirects you to an application page named Policy.aspx, which enables you to create a new information policy. Alternatively, you can apply a policy that is already defined at the level of the site collection. On a server farm with Office SharePoint Server 2007 installed, the Windows SharePoint Services page that enables you to create and configure content types also provides a link that takes you to Policy.aspx. Here you can also create or apply policies.

 

Figure 10. List Settings page

 

 

Figure 11 shows the options that are available through the application page policy.aspx. This is a simple way to apply a custom policy created at the site collection level. It also enables you to define and configure a unique policy that applies only to the current list, document library, or content type. In many cases it promotes a higher level of manageability. For example, you can create all of your policies at the site collection level, and then simply apply your policies to the appropriate lists, document libraries, and content types.

 

Figure 11. Applying custom policies

 

 

This  can also be found at:http://msdn2.microsoft.com/ look for: OfficeSharePointServer2007 ValueAddedSupportforAuditing  When you start using this nice feature, you may find strange results when generating a report. This is because most events only work with office documents. If you try to check how many times a specific pdf document in a library has been viewed, it's impossible. So if you need to now how many times a certain non-Office document has been viewed, then you find yourself writing custom code. Maybe I'll try to figure this out later on.

Be the first to rate this post

  • Currently 0/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5

Tags: moss, auditing

MOSS 2007

E-mail | Kick it! | DZone it! | del.icio.us
Permalink | Comments (12) | Post RSSRSS comment feed

Related posts

Comments

April 4. 2008 18:18

trackback

Trackback from Dirk Van den Berghe SharePoint Admin Blog

MOSS 2007 auditing by Mark Deraeve

Dirk Van den Berghe SharePoint Admin Blog

May 7. 2008 05:17

trackback

Trackback from Satisfy Me

Lenovo X300 video and what I've read this past week, compiled in record time

Satisfy Me

September 27. 2008 06:18

Gravatar

Hi,

Nice articles on auditing. I have a few inquiries:

1) Where does the Audit logs reside? Is this in the Site Content Database?

2) How do we calculate how much space we need for auditing?

3) Does the audit logs get counted toward the Site Quota?


Thanks,
Jaxy

Jaxy us

October 4. 2008 14:04

Gravatar

I strongly think it is stored in the Site Content Database and will increase the amount of space needed for your site. How to calculate depends on what kind of auditing you are using.

Mark be

October 4. 2008 14:21

Gravatar

A good, better article can be found here:
http://msdn.microsoft.com/en-us/magazine/cc794261.aspx

Mark be

October 9. 2008 09:26

Gravatar

Hi,

Could you find out the how we can find out about the non-microsoft downloads in MOSS 2007.

Thanks,
Iti

iti tomar in

October 10. 2008 12:27

Gravatar


Mark, you are correct indeed that the Audit entries/logs go into Content DB but the curiousity remains:

-how can we tell how large is this audit log/

- does the audit logs get counted toward the Site Quota?

With the new STSADM command trimAuditlogs we can delete old entries but does not tell the size of the audit logs ...

Jaxy us

December 12. 2008 22:31

Gravatar

Hi,

Good article on auditing.

I would like to know how to get an audit report if the contents of a page have been modified or changed.

Thanks.

Don

January 21. 2009 03:10

pingback

Pingback from keyongtech.com

Extended Logging in MS Office Sharepoint Server 2007 | keyongtech

keyongtech.com

February 27. 2009 20:35

pingback

Pingback from whitworth.org

Auditing in MOSS 2007 | Rickey Whitworths Blog

whitworth.org

March 5. 2009 16:06

Gravatar

I too was wondering if you found a solution to the non-microsoft documents (specifically pdf's) issue?

Tim us

May 8. 2009 05:08

Gravatar

Sorry, I did not get time to investigate this. I'm currently working on too many things.
I'll hope to have more time in the near future to go deeper in auditing. I think by now there should be a lot more to find on auditing on the internet?

Mark be

Add comment


(Will show your Gravatar icon)  

  Country flag




Live preview

July 4. 2009 03:50

Gravatar

Powered by BlogEngine.NET 1.1.0.2
Theme by Mark Deraeve

Calendar

<<  July 2009  >>
MoTuWeThFrSaSu
293012345
6789101112
13141516171819
20212223242526
272829303112
3456789

View posts in large calendar

Recent posts

Archive

Categories


Archive

Downloads

OPML Dailycode.Net downloads

Blogroll

Download OPML file OPML
Locations of visitors to this page

Tags

Disclaimer

The opinions expressed herein are my own personal opinions and do not represent my employer's view in anyway.

© Copyright 2009

Sign in