Home > > Configure Audit Settings for SharePoint 2013 Sites using PowerShell

Configure Audit Settings for SharePoint 2013 Sites using PowerShell

, , , ,
Audit log feature in SharePoint helps us to analyze how SharePoint contents are being used by users or to track documents and users in accordance to compliance requirements. SharePoint 2013 audit log configuration is explained in my another post: Configuring Audit Logs Feature in SharePoint 2013 . Lets see how to enable auditing feature in SharePoint 2013 using PowerShell.

PowerShell to set SharePoint 2013 Audit Log Settings
To set SharePoint 2013 site collection audit settings using PowerShell, use this script:
Add-PSSnapin Microsoft.SharePoint.Powershell -ErrorAction SilentlyContinue

$SiteCollURL="http://intranet.crescent.com"

#Get the site collection
$Site = Get-SPSite $SiteCollURL

#Define Audit Events
$AuditLogEvents = "Delete", "Update" 

$Site.Audit.AuditFlags = $AuditLogEvents
$Site.Audit.Update()

#Set Trimming Options
$Site.TrimAuditLog = $true
$Site.AuditLogTrimmingRetention = 10

Configure Audit log Settings for All Sites in SharePoint 2013
$WebApp = Get-SPWebApplication "http://sharepoint.company.com"
$AuditMask = [Microsoft.SharePoint.SPAuditMaskType]::Delete -bxor [Microsoft.SharePoint.SPAuditMaskType]::Update -boxr [Microsoft.SharePoint.SPAuditMaskType]::SecurityChange

$WebApp.sites | % {

$_.TrimAuditLog = $true
$_.Audit.AuditFlags = $auditmask
$_.Audit.Update()
$_.AuditLogTrimmingRetention = 30
}
}

For all available audit masks, refer MSDN: https://msdn.microsoft.com/en-us/library/microsoft.sharepoint.spauditmasktype.aspx

Post updated on: 2018-03-27T12:02:50Z

Advertisement:


Related Posts:

5 comments:

  1. AnonymousFebruary 3, 2017 at 9:28 PM

    Is there a way to enable Auditing at the list and library level of Information Management Policy Settings?

    ReplyDelete
  2. JoeApril 20, 2018 at 12:52 AM

    We are finding that when running this from a ps session from a remote server (non-shareoint)connecting to sharepoint server this does not work.

    Exception setting "AuditLogTrimmingRetention": "Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))"
    At line:9 char:1
    + $_.AuditLogTrimmingRetention = 30
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : NotSpecified: (:) [], SetValueInvocationException
    + FullyQualifiedErrorId : ExceptionWhenSetting

    ReplyDelete
  3. AnonymousMay 29, 2020 at 12:43 AM

    hi, thanks for the script.
    how do i set the location to store audit reports

    ReplyDelete
    Replies
    1. godblessamericaJune 1, 2020 at 10:26 PM

      following the blog. appreciate the response

      Delete
    2. Salaudeen RajackJune 3, 2020 at 6:26 PM

      This is not possible, As far as I know..

      Delete

Please Login and comment to get your questions answered!

Subscribe to: Post Comments ( Atom )
Powered by Blogger.