The audit feature in SharePoint is used to track what actions users are taking within your SharePoint Server 2010 environment. It is typically activated to comply with compliance guidelines governing your business or the sector in which your organization is operating.
Compliance is the process of adhering to a set of established guidelines or rules established by external bodies such as government agencies or by internal corporate policies.
Auditing can be activated on multiple levels in SharePoint:
- At site collection level
- At list or library level (through list content types …)
- Across your farm using Enterprise content types
After activating auditing in SharePoint Server 2010 (SharePoint Foundation does not expose this functionality through the user interface) you will be able to generate reports on the audit data using reports which are generated in Excel. These Excel reports typically contains two worksheets, one with a pivot table to provide reporting capability and a second one containing detail information such as the SiteId, ItemId, Item Type,User Id,Document location,Occurred (Datetime),Event (e.g. Security Group Member Add),Event source,Source Name,Event Data. The scope of the audit reports is the current site collection only.
You should be careful when activating auditing and just checking all audit event types since every action which needs to monitored will add a new row of audit data. Auditing data is stored in the AuditData table of the SharePoint content database (Remember that a site collection is stored in one database – so when you have multiple database):
Use the following guidelines to estimate the space you will need to reserve for auditing data:
- Estimate the number of new auditing entries for a site, and multiply this number by 2 KB (entries generally are limited to 4 KB, with an average size of about 1 KB).
- Based on the space that you want to allocate, determine the number of days of audit logs you want to keep
Fortunately SharePoint also provides the ability to automatically trim audit logs and only keep audit data for a limited number of days with the option to either delete the audit data or export it to a document library in Excel format.