How to update Site collection audit settings for SharePoint online with Powershell

How to update Site collection audit settings for SharePoint online with document library ?


Prerequisite 1 : Install SharePoint Online Management Shell (Google term if below link breaks)
https://www.microsoft.com/en-us/download/details.aspx?id=35588

FYI : AuditMaskType enumeration : https://docs.microsoft.com/en-us/previous-versions/office/sharepoint-server/mt125231(v=office.15)

ID Microsoft.SharePoint.
Client.AuditMaskType		 Enum Value UI Options
1 All -1 Not available from UI
2 CheckIn 2 Checking out or checking in items 
3 CheckOut 1 Checking out or checking in items 
4 ChildDelete 64 Not available from UI
5 Copy 2048 Moving or copying items to another location in the site 
6 ObjectDelete 8 Deleting or restoring items 
7 Move 4096 Moving or copying items to another location in the site 
8 None 0 Not available from UI
9 ProfileChange 32 Editing content types and columns
10 SchemaChange 128 Editing content types and columns
11 Search 8192  
Searching site content 
12 SecurityChange 256 Editing users and permissions 
13 Undelete 512 Deleting or restoring items 
14 Update 16 Editing items
15 View 4 Not available from UI
16 Workflow 1024 Not available from UI


PowerShell Script



#Config Items
$AdminUrl = "https://domain-admin.sharepoint.com"
$SiteUrl = "https://doman.sharepoint.com/sites/POCTest2"
$Username = "fname.lname@domain.com"

write-host "Calling Connect-SPOService with admin URL : " + $AdminUrl + " . You will be prompted for uname and pw."
Connect-SPOService -Url $AdminUrl
write-host "Script is using user name as : " + $Username
 #OLD LOGIC - Issue : password is visible on screen
 #$Password = Read-Host -Prompt "Enter the password"
 #$SecurePassword = ConvertTo-SecureString $Password -AsPlainText -Force

$SecurePassword = Read-Host -Prompt "Enter the password for " + $Username -AsSecureString
##########################################################################
# Connect to site
$ClientContext = New-Object Microsoft.SharePoint.Client.ClientContext($SiteUrl)
$credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($UserName, $SecurePassword)
$ClientContext.Credentials = $credentials
$spoSite = $ClientContext.Site
$ClientContext.Load($spoSite)
$spoSiteAudit = $spoSite.Audit
$ClientContext.Load($spoSiteAudit)
$ClientContext.ExecuteQuery()
write-host "Current audit flag # is : " + $spoSiteAudit.AuditFlags
#Flags (Add more flags as required)
$Copy = [Microsoft.SharePoint.Client.AuditMaskType]::Copy;
$ObjectDelete  = [Microsoft.SharePoint.Client.AuditMaskType]::ObjectDelete;
$Move = [Microsoft.SharePoint.Client.AuditMaskType]::Move;
$ProfileChange = [Microsoft.SharePoint.Client.AuditMaskType]::ProfileChange;
$SchemaChange = [Microsoft.SharePoint.Client.AuditMaskType]::SchemaChange;
$SecurityChange = [Microsoft.SharePoint.Client.AuditMaskType]::SecurityChange;
$Undelete = [Microsoft.SharePoint.Client.AuditMaskType]::Undelete;

$ClientContext.Site.Audit.AuditFlags = $Copy,$ObjectDelete,$Move ,$ProfileChange, $SchemaChange, $SecurityChange, $Undelete
$ClientContext.Site.Audit.Update();
$spoSite.RootWeb.AllProperties["_auditlogreportstoragelocation"] = "/sites/POCTest2/Shared%20Documents";
$spoSite.RootWeb.Update();
$ClientContext.Load($spoSite);
$ClientContext.Load($spoSite.RootWeb);
$ClientContext.Load($spoSite.RootWeb.AllProperties);
$ClientContext.ExecuteQuery();


Comments

  1. James ZicrovDecember 10, 2020 at 1:55 AM

    I feel this was a very complex but anyhow useful code that might have benefitted many developers and professionals out there.

    Powerbi Read Soap

    ReplyDelete

Post a Comment

Popular posts from this blog

Chrome Extension to auto refresh Power BI report.

Chrome Extension to auto refresh Power BI report. Requirement  :  Power BI report will be visible on monitor/projector and team will monitor it live. Report needs to refresh on it's own every 5 seconds. Power BI : We created report with SQL direct query so report shows current data when accessed or clicked refresh on report. https://docs.microsoft.com/en-us/power-bi/desktop-use-directquery Solutions : #1 :  Refresh full page every x seconds https://chrome.google.com/webstore/detail/auto-refresh/ifooldnmmcmlbdennkpdnlnbgbmfalko?hl=en-US Issues with above solution : Extension refreshes full page (browser refresh) so screen becomes blank for second(s). If user want to click on report and see the data, it can cause issue if page refreshes at same time. #2 : Created new chrome plug in / Extension so it will click refresh button after N (seconds) interval, so it will only make AJAX call and refresh report data (not entire page). https://chrome.google.com/webstor
Read more

How to call SharePoint online rest APIs using postman?

How to call SharePoint online rest APIs using postman? Step 1: Install Postman:  https://www.getpostman.com Step 2: Generate Client ID and Client Secret               Use below URL (Update Initial part):               <SPO Site Collection URL>/_layouts/15/appregnew.aspx               Note :                You can visit below URL to see all registered apps.                 <SPO Site Collection URL>/_layouts/15/AppPrincipals.aspx Step 3: Grant correct permissions to app and authorize it.                Use below URL (Update Initial part) : <SPO Site Collection URL>/_layouts/15/appinv.aspx Example of  permissions XML : Full control on site collection (Please do not change site collection URL or any part from below XML. and please google for more permissions XML like only web/list access with read/write permissions) <AppPermissionRequests AllowAppOnlyPolicy="true"> <AppPermissionRequest Scope=" http://sharepoint/co
Read more

Dataverse D365 REST Web Api using client secret From Postman or Power Automate desktop (PAD)

Image
  How to call Dataverse REST Web Api from postman or power automate desktop. Note:  <Value>: Either custom value or value from previous steps. What do we need? - Postman:  Download Postman | Get Started for Free - PAD:  Install Power Automate - Power Automate | Microsoft Learn - D365 environment URL - O365 Entra/*Global admin.   ----X---- Let's get started. Register an app using MS Entra Platform:  Go to: https://entra.microsoft.com/ -> Identity -> Applications -> App registrations -> New registration Official link: https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-register-app   Name: <Provide Name> Supported account types: Single tenant. Redirect URI: https://localhost Update Manifest file: Set oauth2AllowImplicitFlow to true. Grant Permission to access Dataverse (AKA Dynamic CRM) API Permissions -> "+ Add a permission" "User_impersonate" -> "Add permissions" Grant API Permissions (Note: Only Global ad
Read more