MONITORIZACIN Y AUDITORIA ARTICULO 1

New Analytics in SharePoint 2013

With the arrival of SharePoint 2013, the analytics engine has been completely revamped given much more importance than the previous version. The main reason Microsoft has put so much effort into improving the analytics engine is because of SharePoint 2013s emphasis on search and how analytics will greatly improve result relevance. Things like views, click distance, social tags and social distance are all things were used to with search engines and social networking sites and will now be part of SharePoint 2013s new arsenal. If you are planning to do a SharePoint migration soon, this will be good to know. Lets have a look in detail.

Usage Reports (Popularity Trends)

Unlike reports in its predecessor, SharePoint 2013 generates usage reports via Excel. This makes sense since it allows you to manipulate the data in ways you wouldnt image through a web interface. The report shows historical data on hits and unique users. As with SharePoint 2010, its possible to view this data at a site collection and site scope but now its even possible for a specific document or page. Accessing this data for the site collection and site is done through the site settings page:

For a specific page, you can access the popularity trends through the ribbon, under the Share & Track group:

The report format doesnt change depending on the source scope. For example, this is what the report for my home page looks it (notice the Item: Home indicates what the report data source):

Reports are generated for a daily and monthly basis and allows you to manipulate the data as you wish.

Most Popular Items

Besides reports, the analytics also integrates with search results. One example of this is the Most Popular Items functionality which allows you to generate search results sorted on different popularity criteria. To access this functionality within a document library, click the Most Popular Items button in the ribbon:

Once you click this button, youll get search results for the document library which you can view by: 1. Most viewed 2. Most viewed by unique users 3. Most recommendation clicks (based on usage patterns)

You can also filter the results with your own search query using the normal query text box. Also, if you have access to the Search-Driven Content Web Parts (enterprise, on-premise), you can use the Popular Items Web Part to show the results on a different page. All this is, is a pre-configured Content by Search Web Part.

Use it with your Search Results Web Part

Ok, so consider the scenario where youre not in an Enterprise enabled on-premise farm. Can you still take advantage of the analytics data in your search results? Sure! By using the search results Web Part, you can configure your search query to use item views and other new managed metadata to sort your results. Consider you want to reproduce the Most Popular Items Web Part for documents in your site. All you need is to configure the query with the following parameters:

Query text: * Refiners: STS_ListItem_DocumentLibrary; docx; http://xxx Sorting: ViewLifeTime (Descending). Note: You can also choose for unique users and recent views.

As simple as that. Now I have the same results as the Popular Items Web Part. Display could need a bit of tweaking but you get the gist of it.

All in all, the new Analytics engine offers users to search based on very valuable usage patterns. Being able to know what content your users are viewing and surfacing it easily through the search capabilities is something weve all been wanting. Seems like search is now an essential part of the way users will see data in SharePoint 2013. And if you want to learn more on the new SharePoint 2013 features and the supported scenarios to migrate check out the SharePoint Migration series.

ARTICULO 2

Configure audit settings for a site collection

You can use the audit feature of Microsoft SharePoint Server 2013 to track which users have taken what actions on the sites, content types, lists, libraries, list items, and library files of site collections. Knowing who has done what with which information is critical for many business requirements, such as regulatory compliance and records management.
NOTE When multiple users are co-editing a document, auditing events from multiple authors or editors can be difficult to interpret. If this is a concern, consider limiting editing permission to a minimum number of users.

As a site collection administrator, you can retrieve the history of actions taken by a particular user and can also retrieve the history of actions taken during a particular date range. For example, you can determine which users edited a specific document and when they did this. Following is the Configure Audit Settings page. You manage the size of the audit log in the Audit Log Trimming section and specify which events to audit in the Documents and Items and Lists, Libraries, and Sites sections. You can also specify the maximum number of days that items will be retained, instead of relying on the default, which at the end of each month, removes items that have been retained for more than 30 days.

The events that you select to audit are captured in audit reports that are based on Microsoft Excel 2013 and are available from the Auditing Reports page. You can also create a custom report that includes a number of these events over a specified date range, within a specific area of the site collection, or filtered to an individual user. You cannot modify events once they are

logged, but site collection administrators can delete items from the audit log and configure automatic trimming of the audit log data.

Auditing event information

The audit log captures the following information for the events that are selected to be audited.

Site from which an event originated Item ID, type, name, and location User ID associated with the event Event type, date, time, and source Action taken on the item Following is an example of the data in a Deletion audit log report. With this report, you can determine who deleted and restored data across the site collection. You can use the features of Excel to filter, sort, and analyze the data.

Trimming the audit logs

When you select an event to be audited for a site collection, such as delete and restore, it will be audited for every item in the site collection each time the event occurs. Auditing can potentially generate a large number of audit events, creating a large audit log. This could fill the hard drive, affecting performance and other aspects of a site collection.
IMPORTANT To prevent the audit log from filling the hard drive and potentially degrading the performance of the site collection, we recommended that you enable audit log trimming for site collections with extensive auditing.

To manage the size of the audit log you can configure it to automatically trim and optionally archive the current audit log data in a document library before the data is trimmed. The schedule for audit log trimming is configured by your server administrator in Central Administration. The default is the end of the month.

Configure audit log trimming

1. 2. Click Settings > Site settings. If you are not at the root of your site collection, under Site Collection Administration, click Go to top level site settings.

NOTE

The Site Collection Administration section will not be available if you do not have the necessary permissions.

3. 4. 5.

On the Site Settings page, under Site Collection Administration, click Site collection audit settings. On the Configure Audit Settings page, in the Audit Log Trimming section, set Automatically trim the audit log for this site? to Yes. Optionally, specify the number of days of audit log data to retain.

NOTE We recommend that you do not set this option unless business needs dictate otherwise. If this option is not set, it will use the Farm setting, which removes items that are more than 30 days old at the end of the month by default. A business need could be that your organization has a requirement to maintain your audit log in a non-archived format for a different time period. The archived format is the audit log report.

6. 7.

Optionally, specify the document library to save audit reports to before the audit log is trimmed. Set this option if you need access to audit log data, using audit log reports, after the audit log has been trimmed. Click OK. Top of Page

Configure events to audit

1. 2. Click Settings > Site settings. If you are not at the root of your site collection, under Site Collection Administration, click Go to top level site settings.

NOTE

The Site Collection Administration section will not be available if you do not have the necessary permissions.

3. 4.

On the Site Settings page, under Site Collection Administration, click Site collection audit settings. On the Configure Audit Settings page, in the Documents and Items and List, Libraries, and Site sections, select the events you want to audit, and then click OK. Which events you audit depends on your auditing needs. For example, regulatory compliance usually has specific requirements that will dictate which events you need to audit. We recommend that you only audit the events required to meet your needs. Additional unnecessary auditing can affect the performance and other aspects of the site collection.
IMPORTANT

If you are using SharePoint Online in Office 365 for enterprises, auditing for Opening or downloading documents, viewing items in lists, or viewing item properties is not available because of storage and performance concerns. We recommend that you only select Opening or downloading documents, viewing items in lists, or viewing item properties for SharePoint Server 2013 sites when absolutely needed. This option is likely to generate a large number of events that will potentially degrading the performance and other aspects of the site collection.

ARTICULO 3

View audit log reports

You can use the audit log reports provided with SharePoint 2013 to view the data in the audit logs for a site collection. You can sort, filter, and analyze this data to determine who has done what with sites, lists, libraries, content types, list items, and library files in the site collection. For example, you can determine who deleted which content. Knowing who is taking what action on which content in your site collection can be critical in helping your organization fulfill its requirements, such as meeting regulatory compliance and records management. You save an audit log report as a Microsoft Excel 2013 Preview workbook to a library in the site collection that you specify.
NOTE Auditing must be enabled to use audit log reports in SharePoint Server 2013. By default, auditing is enabled in SharePoint Online. Find more information about enabling auditing in Configure audit settings for a site collection.

In this article

Events available for audit log reports Available audit log reports View audit log reports

Events available for audit log reports

The following events are available for audit log reports to help you determine who is taking what actions with the content of a site collection:

Opened and downloaded documents, viewed items in lists, or viewed item properties (This event is not available for SharePoint Online sites) Edited items Checked out and checked in items Items that have been moved and copied to other location in the site collection Deleted and restored items Changes to content types and columns Search queries Changes to user accounts and permissions Changed audit settings and deleted audit log events Workflow events Custom events Top of Page

Available audit log reports

You can use the following audit log reports provided with SharePoint 2013 to help determine who is taking what actions with the content of a site collection:

Content modifications

Reports changes to content, such as modifying, deleting, and checking documents in and out. Reports additions, edits, and deletions to content types.

Content type and list modifications

Content viewing Reports users who have viewed content on a site. In SharePoint Online, this report will be blank as these events are not captured during auditing. Deletion Reports what content has been deleted. Run a custom report You can specify the filters for a custom report, such as limiting the report to a specific set of events, to items in a particular list, to a particular date range, or to events performed by particular users. Expiration and Disposition Policy modifications Auditing settings Security settings Reports all events related to how content is removed when it expires. Reports on events that change the information management policies on the site collection.

Reports changes to the auditing settings. Reports changes to security settings, such as user/group events, and role and rights events.

Following is a sample Deletion audit log report. It is representative of the other audit log reports.

A summary of the audit data is provided as a PivotTable on the Audit Data Table worksheet of the workbook.

The data for the report is provided on the Report Data 1 worksheet of the workbook.

Top of Page

View audit log reports

To view an audit log report: 1. On the Settings menu, click Site settings.

NOTE The Site Collection Administration section will not be available if you do not have the necessary permissions, such as by being a member of the default Site Collections Administrators group.

2. 3. 4. 5.

In the Site Collection Administration section, select Audit log reports. On the View Auditing Reports page, select the report that you want, such as Deletion. Type or Browse to the library where you want to save the report and click OK. On the Operation Completed Successfully page, click click here to view this report.

NOTES

Excel 2013 must be installed to view audit log reports by clicking click here to view this report. Alternatively, if opening documents in the browser is enabled for the library, go to the library where you saved the audit log report, point to the audit log report, click the down arrow, and then click View in Browser.

You can use standard Excel features to narrow the reports to the information you want. Some ways in which you can analyze and view the log data include:

Filtering the audit log report for a specific site. Filtering the audit log report for a particular date range. Sorting the audit log report. Determining who has updated content. Determining which content has been deleted but not restored. Viewing the changes to permissions on an item.

ARTICULO 4

How to enable the audit log in SharePoint 2013 To enable the audit log by using Central Administration

On the Central Administration home page, In the Application Management section, Click Manage service applications. Select the Secure Store service application. On the ribbon, click Properties. From the Enable Audit section, Click to select the Audit log enabled box. To change the number of days that entries will be purged from the audit log file, specify a number in days in the Days until Purge field.

The default value is 30 days. Click OK.

Configure audit settings for a site collection

Please use the following link in which Microsoft has given a very detailed description that references each and every minor point regarding audit settings:

It consists of: Auditing event information Trimming the audit logs (new enhancements in SP2010 and SP2013 as compare to earlier versions) Configure audit log trimming Configure events to audit

http://office.microsoft.com/en-us/sharepoint-help/configure-audit-settings-for-a-sitecollection-HA102866204.aspx

View audit log reports Following link will help you to understand the following points: Events available for audit log reports Available audit log reports View audit log reports

http://office.microsoft.com/en-us/sharepoint-help/view-audit-log-reportsHA102772739.aspx

Please let me know in case of any queries/questions so that we can discuss and sort it out quickly. Thank you - See more at: http://communicationsknowledge.blogspot.com.es/2012/11/how-to-enable-auditlog-in-sharepoint.html#sthash.pIxzfgC6.dpuf

ARTICULO 5

Audit Logging in SharePoint 2013 In this post, we will learn about Audit Logging in SharePoint 2013.

Audit Logging gives the following information in Site Collection:

1. Opening or downloading documents, viewing items in lists, or viewing item properties 2. 3. 4. 5. 6. 7. 8. Editing items Checking out or checking in items Moving or copying items to another location in the site Deleting or restoring items Editing content types and columns Searching site content Editing users and permissions

Below are the steps to achieve:

1. Go to Central Administration -> Manage Service Applications

2. Choose Secure Store Service

3. Then Click on the Properties in the Ribbon

4. In the Enable Audit option Select the Check Box Audit Log Enabled (the default value is 30 days and it can be changed)

5. After enabling the Audit Logging in Central Administration, we have to configure the audit settings at the site collection level and below are the steps: Go to Site Settings -> Site Collection Administration -> Site Collection Audit Settings

Under this settings, select the settings as shown below:

Now, Audit Logging is configured for the site and now you can view the following types of Reports.

Checking the Reports Generated for the Site Collection Go to Site Collection Administration -> Audit Log Reports

Once you click on any reports, it will ask for the Report Save location. Select any of the Libraries to store the Report.

Example Report Generated Screenshot:

Select an Library to store the Report and Click OK

Report Generated in Excel

Hope this article helps you in understanding the Audit Logging in SharePoint 2013. Please feel free to share and comment about this post if it helps you.