12 November, 2012

How to enable the audit log in SharePoint 2013

To enable the audit log by using Central Administration

·         On the Central Administration home page,
·         In the Application Management section,
·         Click Manage service applications.
·         Select the Secure Store service application.
·         On the ribbon, click Properties.
·         From the Enable Audit section,
·         Click to select the Audit log enabled box.
·         To change the number of days that entries will be purged from the audit log file, specify a number in days in the Days until Purge field.
·         The default value is 30 days.
·         Click OK.

Configure audit settings for a site collection

Please use the following link in which Microsoft has given a very detailed description that references each and every minor point regarding audit settings:

It consists of:
·         Auditing event information
·         Trimming the audit logs (new enhancements in SP2010 and SP2013 as compare to earlier versions)
·         Configure audit log trimming
·         Configure events to audit

View audit log reports
Following link will help you to understand the following points:
·         Events available for audit log reports
·         Available audit log reports
·         View audit log reports

Please let me know in case of any queries/questions so that we can discuss and sort it out quickly.
Thank you


  1. Nice post. Here is one more post explaining audit log

  2. Wow.. I was searching for this. Thank you so much

    1. You are welcome :) i am glad that it worked for you. Thanks for the comment.

  3. Are you sure the Secure Store audit has anything to do with the information management policy? I thought the Secure Store audit was just to audit authentication via Secure Store.

  4. thank you for your article,
    alright, i've done all the instructions, and created a document and done the changes in order to save a log, but still
    I Do not find the link "Audit log reports"

    1. Imp note: You should be having site collection admin rights to view that functionality.

      Where you will find the above -> site actions->site settings->site collection administrators

      Audit log reports - you will find here
      site actions->site settings->site collection administration->Audit log reports

  5. It looks a good help while need to audit the events changed in SharePoint.
    Though, Due to lack of time, I generally avoid taking manual steps to analyze the changes and use an automated solution from Lepide i.e., ( http://www.lepide.com/sharepoint-audit/ ) to audit the changes made in my SharePoint environment. This tool provide all the reports at granular level with real time monitoring that helps to prevent unwanted changes in SharePoint server.
    However, this blog seems to be a good alternative in my coming future.

  6. Nice Post! also I have one quick query! audit settings in central admin is mandatory? or is there any dependencies/relation between CA settings and Site collection settings?



Your feedback is always appreciated. I will try to reply to your queries as soon as possible- Amol Ghuge