Activating Auditing Programmatically for a Site Collection in Windows SharePoint Services 3.0

Microsoft Windows SharePoint Services 3.0 includes a powerful new infrastructure for auditing user access to list items, and documents and pages. In Windows SharePoint Services, auditing is configured on a site collection-by-site collection basis. It just takes a few lines of code to fully enable the auditing for an entire site collection. When you do this, Windows SharePoint Services writes an audit entry to its audit log each time a user views or modifies a list item, document, or site page.

Many object types in the Windows SharePoint Services object model are auditable. Each of these auditable objects exposes an Audit property. You can configure an Audit property programmatically by using a set of audit flags that is provided by the SPAuditMaskType enumeration. Start by configuring the current site collection to enable all types of auditing.

SPSite siteCollection = SPContext.Current.Site;
// Turn on auditing flags.
siteCollection.Audit.AuditFlags = SPAuditMaskType.All;
siteCollection.Audit.Update();

Dim siteCollection As SPSite = SPContext.Current.Site
'*** Turn on auditing flags.
siteCollection.Audit.AuditFlags = SPAuditMaskType.All
siteCollection.Audit.Update()

Using More Granular Auditing

In some cases, you might not want to audit every type of auditable event supported by Windows SharePoint Services. The SPAuditMaskType enumeration provides a value for each type of auditable event. You can use bitwiseOR operations to combine these enumeration values to get the exact auditing support that you need for a particular scenario.

SPSite siteCollection = SPContext.Current.Site;
// Turn on auditing flags.
siteCollection.Audit.AuditFlags = SPAuditMaskType.View |
                                  SPAuditMaskType.Update | 
                                  SPAuditMaskType.Delete;
siteCollection.Audit.Update();

Dim siteCollection As SPSite = SPContext.Current.Site
'*** Turn on auditing flags.
siteCollection.Audit.AuditFlags = SPAuditMaskType.View Or _
                                  SPAuditMaskType.Update Or _
                                  SPAuditMaskType.Delete
siteCollection.Audit.Update()

Auditing Options

While the previous example demonstrates how to enable auditing for just view, update, and delete activity, you have even more options. Following is the complete set of SPAuditMaskType values that provide control over different types of auditing.

SPAuditMaskType.CheckIn
SPAuditMaskType.CheckOut
SPAuditMaskType.ChildDelete
SPAuditMaskType.Copy
SPAuditMaskType.Delete
SPAuditMaskType.Move
SPAuditMaskType.ProfileChange
SPAuditMaskType.SchemaChange
SPAuditMaskType.Search
SPAuditMaskType.SecurityChange
SPAuditMaskType.Undelete
SPAuditMaskType.Update
SPAuditMaskType.View
SPAuditMaskType.Workflow

SPAuditMaskType.CheckIn
SPAuditMaskType.CheckOut
SPAuditMaskType.ChildDelete
SPAuditMaskType.Copy
SPAuditMaskType.Delete
SPAuditMaskType.Move
SPAuditMaskType.ProfileChange
SPAuditMaskType.SchemaChange
SPAuditMaskType.Search
SPAuditMaskType.SecurityChange
SPAuditMaskType.Undelete
SPAuditMaskType.Update
SPAuditMaskType.View
SPAuditMaskType.Workflow

Many different types of objects in the Windows SharePoint Services object model are auditable, including SPSite, SPWeb, SPList, and SPListItem. Each of these object types exposes an Audit property that can be configured using values of the SPAuditMaskType enumeration types, as you have just seen. You can use a value of SPAuditMaskType.All to enable auditing for every type of event that is supported by Windows SharePoint Services. You can also use bitwise OR operations to combine these enumeration values from the SPAuditMaskType enumeration to get exactly the auditing support that you need for the scenario at hand. Also, remember that after you set the Audit flags on an auditable object, you must call the Update method to store your changes into the content database.

Watch the Video

Length: 03:07 | Size: 5.92 MB | Type: WMV

• SharePoint Developer Center

• Office Developer Center