SharePoint Online: How do I configure the Site Collection Audit Settings from CSOM?

My current project requires that the Site Collection Audit Settings be provisioned with every new OneDrive for Business site. The problem is that there is not existing API (in CSOM or PowerShell) to set these values. Problem? Yes. Insurmountable? No.

I was pointed in the direction of this fantastic blog. The basic idea behind the code is to replicate the 'POST' event that is created by using the UI. The code is magnificent but (as is continually stressed in the video) is not supported by Microsoft. This does not mean that is will not work, it just means that should the name of the underlying fields change, the code will fail unceremoniously.

Anyway, back to the solution. 
Firstly, enable the 'Reporting' Site Collection feature. The feature Guid is "7094bd89-2cfe-490a-8c7e-fbace37b4a34" and should be activated as a FARM level feature

Secondly, here is my add-in code to the set values.

using System.Globalization;

namespace Contoso.Remote.Core.HttpCommands
{
    public class RequestAuditSettings : RemoteOperation
    { 
                #region CONSTRUCTORS

      public RequestAuditSettings(string TargetUrl, AuthenticationType authType, string User, string Password, string Domain = "")
            : base(TargetUrl, authType, User, Password, Domain)
        {
            TrimLogs = false;
            RetentionInDays = 0;
            EditingItems = false;
            CheckinAndCheckout = false;
            MovingAndCopying = false;
            DeletingAndRestoring = false;
            EditContentTypesAndColumns = false;
            SearchSiteContent = false;
            EditUsersAndPermissions = false;
            StorageDocumentLibraryName = "";
        }


        #endregion

        #region PROPERTIES

        public override string OperationPageUrl
        {
            get
            {
                return "/_layouts/15/auditsettings.aspx";
            }
        }

        public bool TrimLogs { get; set; }
        public int RetentionInDays { get; set; }
        public bool EditingItems { get; set; }
        public bool CheckinAndCheckout { get; set; }
        public bool MovingAndCopying { get; set; }
        public bool DeletingAndRestoring { get; set; }
        public bool EditContentTypesAndColumns { get; set; }
        public bool SearchSiteContent { get; set; }
        public bool EditUsersAndPermissions { get; set; }
        public string StorageDocumentLibraryName { get; set; }

        #endregion

        #region METHODS

        public override void SetPostVariables()
        {
            // Set operation specific parameters
            PostParameters.Add("__EVENTTARGET", "ctl00$PlaceHolderMain$BtnOk");
            PostParameters.Add("ctl00$PlaceHolderMain$ctl00$IfcTrimAuditLog$trimAuditLog",
                TrimLogs ? "RadTrimAuditLogYes" : "RadTrimAuditLogNo");

            if (RetentionInDays >= 0)
            {
                PostParameters.Add("ctl00$PlaceHolderMain$ctl00$IfcTrimRetention$TxtTrimRetention",
                    RetentionInDays.ToString(CultureInfo.InvariantCulture));
            }

            PostParameters.Add("ctl00$PlaceHolderMain$ctl00$ctl04$TxtReportStorageLocation", StorageDocumentLibraryName);
            //PostParameters.Add("ctl00$PlaceHolderMain$ctl00$ctl04$TxtReportStorageLocation", "");
            if (EditingItems) { PostParameters.Add("ctl00$PlaceHolderMain$ctl01$ctl01$CheckBoxAuditEdit", "on"); }
            if (CheckinAndCheckout) { PostParameters.Add("ctl00$PlaceHolderMain$ctl01$ctl01$CheckBoxAuditCheckInOut", "on"); }
            if (MovingAndCopying) { PostParameters.Add("ctl00$PlaceHolderMain$ctl01$ctl01$CheckBoxAuditMoveCopy", "on"); }
            if (DeletingAndRestoring) {PostParameters.Add("ctl00$PlaceHolderMain$ctl01$ctl01$CheckBoxAuditDeleteRestore", "on");}
            if (EditContentTypesAndColumns) { PostParameters.Add("ctl00$PlaceHolderMain$ctl02$ctl01$CheckBoxAuditColumnsContentType", "on");}
            if (SearchSiteContent) { PostParameters.Add("ctl00$PlaceHolderMain$ctl02$ctl01$CheckBoxAuditSearch","on"); }
            if (EditUsersAndPermissions) { PostParameters.Add("ctl00$PlaceHolderMain$ctl02$ctl01$CheckBoxAuditPerms", "on"); }
        }

        #endregion

    }
}

and here is the invocation:

 private bool SetSiteAuditing(string oneDriveUrl, string documentLibraryAsRelativeUrl, string adminUserName, string adminPassword)
        {
            try
            {
                // Enable the audit settings
                var auditing = new RequestAuditSettings(oneDriveUrl, AuthenticationType.Office365, adminUserName, adminPassword)
                {
                    TrimLogs = true,
                    RetentionInDays = 30,
                    CheckinAndCheckout = true,
                    MovingAndCopying = true,
                    DeletingAndRestoring = true,
                    EditUsersAndPermissions = true,
                    StorageDocumentLibraryName =  documentLibraryAsRelativeUrl
                };

                auditing.Execute();
                return true;
            }
            catch (Exception)
            {
                return false;
            }
        }


Comments

Post a Comment

Popular posts from this blog

SharePoint 2013: Error updating managed account credentials

I encountered the following message when trying to change a password for a managed account: Error deploying administration application pool credentials. Another deployment may be active. An object of the type Microsoft.SharePoint.Administration.SPAdminAppPoolCredentialDeploymentJobDefinition named "job-admin-apppool-change" already exists under the parent Microsoft.SharePoint.Administration.SPTimerService named "SPTimerV4".  Rename your object or delete the existing object. The error message is self explanatory - Rename your object or delete the existing object.  I choose the latter. Powershell to the rescue. $job = Get-SPTimerJob -Identity "job-admin-apppool-change" $job.Delete() Reset the password and all should be good.
Read more

How can I call a JIRA api through Powershell?

 Navigate to https://id.atlassian.com/manage-profile/security/api-tokens and create an API token Then use the following code: $pair = "me@example.com:<My token here>" $bytes = [System.Text.Encoding]::ASCII.GetBytes($pair) $base64 = [System.Convert]::ToBase64String($bytes) $basicAuthValue = "Basic $base64" $headers = @{ Authorization = $basicAuthValue } $json = Invoke-RestMethod -Uri "https://<mydomain>.atlassian.net/rest/api/3/search?jql= <jql here>" -Method Get -Headers $headers
Read more