Home » Office 365 » Efficiently Enable SharePoint Auditing Office 365 – Procedural Methods
Office 365, SharePoint ~ 6 Minutes Reading

Efficiently Enable SharePoint Auditing Office 365 – Procedural Methods

author
Published By Mohit Jha
admin
Approved By Admin
Calendar
Published On July 5th, 2024
Auditing at regular intervals is necessary for organizations to secure their data and ensure the integrity of the organization. In this guide, we are discussing the steps that are required to enable SharePoint auditing Office 365. However, we are also discussing what is a SharePoint audit and why it is important. Additionally, we are discussing how you can save Office 365 files in your local storage for compliance and audit purposes.

Auditing SharePoint is vital for a variety of reasons, the first of which is to protect your intellectual property. Many businesses are aware of the scenario; when an employee leaves the firm or an external contractor completes his term, there is always the chance that the employee or contractor would download a slew of papers to a local drive and take them with them. After this one question can pop up in someone’s mind how to enable SharePoint auditing Office 365?

I am using Office 365 and SharePoint Online is there any way through which I can record my user log? Or is there any other way where I can download the user data on local storage for compliance purposes?

—Steve Parkinson

Sure you can record the user log by using auditing in Office 365. Here is the detail about how to enable auditing in SharePoint Online and a brief introduction to SharePoint Audit. 

What is a SharePoint Audit?

SharePoint auditing is a feature that lets you monitor user activity on your SharePoint sites and in Office 365. This includes information about who read, created, altered, uploaded, downloaded, and deleted files and folders. You can also track sharing actions like invitations and access requests, as well as synchronization activity.

Why is SharePoint Audit Important?

One of today’s main political issues was sparked by a former SharePoint administrator who downloaded and publicized those papers after his contract was terminated. While there are ways and strategies to avoid this from happening, none of them can ensure that such an occurrence will not occur. A SharePoint change log can tell you if and when something happened, allowing you to respond swiftly and limit the possible damage. Let’s see the available audit reports that are available in SharePoint to understand the process to enable SharePoint auditing Office 365.

What is the Purpose of SharePoint Auditing?

  • Security: It helps to monitor unauthorized access on your site or changes.
  • Compliance: It ensures the SharePoint site environment complies with the legal and ethical regulations of an organization.
  • Performance: With the help of SharePoint auditing you can track and improve the performance of SharePoint sites and services.
  • Track Changes: You can also easily understand how users are interacting and making changes in the SharePoint site to optimize the user experience.
  • Troubleshooting: You can identify and resolve issues more efficiently by tracking changes and user activities.

SharePoint Audit Reports are Currently Available.

When you activate SharePoint Auditing, you will be able to access several predefined audit reports. You can use these reports to determine who is doing what with SharePoint material.

  • Content changes: Reports on changes to content, such as updating, deleting, and checking documents in and out.
  • Content type and list modifications: This report includes additions, updates, and deletions of content types and SharePoint lists.
  • Content viewing: Shows users who have seen content on a website.
  • Deletion: Reports on the data that have been deleted.
  • Custom reports: In addition to standard reports, you can construct your own reports. You can define filters for your custom reports, such as limiting the report to a specific set of events or items in a particular list.

How to Enable Auditing In SharePoint Online?

Enable SharePoint auditing Office 365: You can enable it using the Microsoft Purview compliance portal. 

Follow the below steps:

  • Step 1. Access the Microsoft Purview compliance portal at Pureview.
  • Step 2. Log in with your Microsoft 365 administrative credentials.
  • Step 3. Once logged in, go to the “Solutions” area and then click “Audit”.
  • Step 4. Find a banner that says “Start recording user and admin activities” and click on the banner.
  • Step 5. Microsoft Defender may remind you to approve upgrading your organizational settings. Select “Yes”.
  • Step 6. Finally, click the “Turn On” button to start the audit logging.

You can also follow the same steps to apply in OneDrive. Hence, you have successfully learned how to enable SharePoint auditing Office 365.

Enable SharePoint Auditing in Office 365 Using PowerShell

You can also automate the process by copy-pasting these commands in PowerShell. Go to Windows>> search For PowerShell>> click on it.

Now Copy these Commands and Paste it into PowerShell:

#firstly, you have to create a credential object.
$UserCredential = Get-Credential
#Now you have to open the credentials prompt:
$Session = New-PSSession -ConfigurationName Microsoft.Exchange - 
ConnectionUri https://outlook.office365.com/powershell-liveid/ -
Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session 
# Now You have to enable admin audit log
Set-AdminAuditLogConfig -UnifiedAuditLogIngestionEnabled $true
# Command to get mailboxes 
$Mailboxes = (Get-Mailbox)
# Group mailboxes for enabled auditing
$Group = $Mailboxes | Group-Object AuditEnabled,AuditDelegate | Select-Object
"Name","Count",@{Name="Account"; Expression={ $_.Group.Identity }}
$Group | Format-Table -AutoSize
#Command to audit everyhthing from every mailbox
Get-Mailbox.Identity | % { Set-Mailbox -Identity $_ -AuditDelegate SendAs,SendOnBehalf,Create,Update,SoftDelete,HardDelete
-AuditEnabled $true }

Note: To perform this step you should know PowerShell commands and scripting, this step requires more attention and effort.

Sometimes after enabling SharePoint auditing, some users face the problem where their SharePoint list vanishes from the site. You can read about the solution for the SharePoint list not showing all items by clicking on this link.

Final Wordings!

To conclude, we have discussed steps to enable SharePoint auditing Office 365. However, we have also discussed the brief introduction and why it is important to enable auditing. Additionally, we have also shown the purpose of SharePoint auditing and how you can perform it using PowerShell. Moreover, we have successfully answered the user query.

Frequently Asked Questions

Q1. How do I enable Auditing in SharePoint Office 365?

Go to the Microsoft Purview compliance portal>>Log in with your Microsoft 365 as Admin>>Go to the “Solutions” >> Click on “Audit”>> Click on the “Start recording user and admin activities” banner>> Select “Yes” when prompted>>Click the “Turn On” button.

Q2. How do I ensure Microsoft 365 audit log search is enabled?

You can follow the steps to enable the Auditing in Sharepoint and check whether the audit log is enabled or not.

Q3. How do I enable Auditing on all mailboxes in Office 365?

You can refer to the PowerShell Method where we have shown the commands for enabling auditing for all mailboxes.

Q4. How to audit SharePoint permissions?

Open “Site Settings” → Select “Site Collection Administration” → Access the “Audit log reports” page. To view all of the permission modifications made in your SharePoint environment, select the “Security Settings” report.