SharePoint Diary » Audit » Configure Audit Settings for SharePoint 2013 / 2016 Sites using PowerShell

Configure Audit Settings for SharePoint 2013 / 2016 Sites using PowerShell

February 18, 2022 Salaudeen Rajack 6 Comments configure audit log in sharepoint 2013

The audit log feature in SharePoint helps us analyze how SharePoint contents are being used by users or tracking documents and users according to compliance requirements. SharePoint 2013 audit log configuration is explained in another post: Configuring Audit Logs Feature in SharePoint 2013. Let’s see how to enable the auditing feature in SharePoint 2013 using PowerShell.

PowerShell to set SharePoint 2016 Audit Log Settings

To set SharePoint 2013 site collection audit settings using PowerShell, use this script:

Add-PSSnapin Microsoft.SharePoint.Powershell -ErrorAction SilentlyContinue

$SiteCollURL="https://intranet.crescent.com"

#Get the site collection
$Site = Get-SPSite $SiteCollURL

#Define Audit Events
$AuditLogEvents = "Delete", "Update" 

$Site.Audit.AuditFlags = $AuditLogEvents
$Site.Audit.Update()

#Set Trimming Options
$Site.TrimAuditLog = $true
$Site.AuditLogTrimmingRetention = 10

Configure Audit Log Settings for All Sites in SharePoint 2013

$WebApp = Get-SPWebApplication "https://sharepoint.company.com"
$AuditMask = [Microsoft.SharePoint.SPAuditMaskType]::Delete -bxor [Microsoft.SharePoint.SPAuditMaskType]::Update -bxor [Microsoft.SharePoint.SPAuditMaskType]::SecurityChange

$WebApp.sites | % {

$_.TrimAuditLog = $true
$_.Audit.AuditFlags = $auditmask
$_.Audit.Update()
$_.AuditLogTrimmingRetention = 30
}

For all available audit masks, refer to MSDN: https://msdn.microsoft.com/en-us/library/microsoft.sharepoint.spauditmasktype.aspx

Salaudeen Rajack

Salaudeen Rajack - SharePoint Expert with Two decades of SharePoint Experience. Love to Share my knowledge and experience with the SharePoint community, through real-time articles!

6 thoughts on “Configure Audit Settings for SharePoint 2013 / 2016 Sites using PowerShell”

Anonymous
June 1, 2021 at 5:52 PM
Permalink

can you only enable auditing for a specific events such security/permission changes? Thanks!
Reply
Anonymous
May 28, 2020 at 8:13 PM
Permalink

hi, thanks for the script.
how do i set the location to store audit reports
Reply
- godblessamerica
  June 1, 2020 at 5:56 PM
  Permalink
  
  following the blog. appreciate the response
  Reply
- Salaudeen RajackPost author
  June 3, 2020 at 1:56 PM
  Permalink
  
  This is not possible, As far as I know..
  Reply
Joe
April 19, 2018 at 8:22 PM
Permalink

We are finding that when running this from a ps session from a remote server (non-shareoint)connecting to sharepoint server this does not work.

Exception setting “AuditLogTrimmingRetention”: “Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))”
At line:9 char:1
+ $_.AuditLogTrimmingRetention = 30
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], SetValueInvocationException
+ FullyQualifiedErrorId : ExceptionWhenSetting
Reply
Anonymous
February 3, 2017 at 3:58 PM
Permalink

Is there a way to enable Auditing at the list and library level of Information Management Policy Settings?
Reply

SharePoint Diary

Configure Audit Settings for SharePoint 2013 / 2016 Sites using PowerShell

PowerShell to set SharePoint 2016 Audit Log Settings

Configure Audit Log Settings for All Sites in SharePoint 2013

Related Posts

Salaudeen Rajack

6 thoughts on “Configure Audit Settings for SharePoint 2013 / 2016 Sites using PowerShell”

Leave a Reply Cancel reply