Programmatically access audit for sharepoint 2010 site
In this example we will retrieve audits recorded for a particular listitem in a list, created in SharePoint 2010 site. The audit results i.e. User,Event,Occurred,Version for that item is stored in a datatable for further use. Also, I am passing ListId and ItemId to a function called GetAudithistory and using ParseVersionNumber and GetUserNameById functions to get the user name and Version number of the item.
public void GetAudithistory(string ListId,string ItemId)
{
SPSite siteColl = SPContext.Current.Site;
SPWeb site = SPContext.Current.Web;
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite ElevatedSiteCollection = new SPSite(siteColl.ID))
{
using (SPWeb ElevatedSite = ElevatedSiteCollection.OpenWeb(site.ID))
{
SPList list = ElevatedSite.Lists[new Guid(ListId)];
txtListTitle.Text = list.Title;
SPListItem item = list.Items.GetItemById(Convert.ToInt32(ItemId));
txtItemTitle.Text = item.Name;
SPAuditQuery wssQuery;
SPAuditEntryCollection auditCol;
wssQuery = new SPAuditQuery(ElevatedSiteCollection);
wssQuery.RestrictToListItem(item);
auditCol = ElevatedSite.Audit.GetEntries(wssQuery);
DataTable table = new DataTable();
table.Columns.Add("User", typeof(string));
table.Columns.Add("Event", typeof(string));
table.Columns.Add("Occurred", typeof(DateTime));
table.Columns.Add("Version", typeof(string));
DataRow newRow;
foreach (SPAuditEntry entry in auditCol)
{
newRow = table.Rows.Add();
newRow["User"] = GetUserNameById(entry.UserId, site); -> Calling GetUserNameById
if (entry.SourceName == "CustomViewAuditEvent")
{
newRow["Event"] = "View Audit Log";
}
else
{
newRow["Event"] = entry.Event;
}
newRow["Occurred"] = entry.Occurred.ToLocalTime();
newRow["Version"] = ParseVersionNumber(entry.EventData); -> Calling ParseVersionNumber
}
}
string GetUserNameById(int UserId, SPWeb site)
{
try
{
return site.SiteUsers.GetByID(UserId).Name;
}
catch
{
return UserId.ToString();
}
}
protected string ParseVersionNumber(string versionString)
{
try
{
int startMajor = versionString.IndexOf("") + 7;
int endMajor = versionString.IndexOf(" ");
int lengthMajor = endMajor - startMajor;
int startMinor = versionString.IndexOf("") + 7;
int endMinor = versionString.IndexOf(" ");
int lengthMinor = endMinor - startMinor;
string majorNumber = versionString.Substring(startMajor, lengthMajor);
string minorNumber = versionString.Substring(startMinor, lengthMinor);
if (majorNumber == "0" && minorNumber == "-1")
return "N/A";
return majorNumber + "." + minorNumber;
}
catch
{
return "N/A";
}
}
public void GetAudithistory(string ListId,string ItemId)
{
SPSite siteColl = SPContext.Current.Site;
SPWeb site = SPContext.Current.Web;
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite ElevatedSiteCollection = new SPSite(siteColl.ID))
{
using (SPWeb ElevatedSite = ElevatedSiteCollection.OpenWeb(site.ID))
{
SPList list = ElevatedSite.Lists[new Guid(ListId)];
txtListTitle.Text = list.Title;
SPListItem item = list.Items.GetItemById(Convert.ToInt32(ItemId));
txtItemTitle.Text = item.Name;
SPAuditQuery wssQuery;
SPAuditEntryCollection auditCol;
wssQuery = new SPAuditQuery(ElevatedSiteCollection);
wssQuery.RestrictToListItem(item);
auditCol = ElevatedSite.Audit.GetEntries(wssQuery);
DataTable table = new DataTable();
table.Columns.Add("User", typeof(string));
table.Columns.Add("Event", typeof(string));
table.Columns.Add("Occurred", typeof(DateTime));
table.Columns.Add("Version", typeof(string));
DataRow newRow;
foreach (SPAuditEntry entry in auditCol)
{
newRow = table.Rows.Add();
newRow["User"] = GetUserNameById(entry.UserId, site); -> Calling GetUserNameById
if (entry.SourceName == "CustomViewAuditEvent")
{
newRow["Event"] = "View Audit Log";
}
else
{
newRow["Event"] = entry.Event;
}
newRow["Occurred"] = entry.Occurred.ToLocalTime();
newRow["Version"] = ParseVersionNumber(entry.EventData); -> Calling ParseVersionNumber
}
}
string GetUserNameById(int UserId, SPWeb site)
{
try
{
return site.SiteUsers.GetByID(UserId).Name;
}
catch
{
return UserId.ToString();
}
}
protected string ParseVersionNumber(string versionString)
{
try
{
int startMajor = versionString.IndexOf("
int endMajor = versionString.IndexOf("
int lengthMajor = endMajor - startMajor;
int startMinor = versionString.IndexOf("
int endMinor = versionString.IndexOf("
int lengthMinor = endMinor - startMinor;
string majorNumber = versionString.Substring(startMajor, lengthMajor);
string minorNumber = versionString.Substring(startMinor, lengthMinor);
if (majorNumber == "0" && minorNumber == "-1")
return "N/A";
return majorNumber + "." + minorNumber;
}
catch
{
return "N/A";
}
}
could you give me an example code for auditing of downloaded items in a specific list?
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteVery informative article, it provide the information to retrieve audits recorded for a specific list item in a list and created in SharePoint 2010 site. I tested this SharePoint auditing tool ( www.netwrix.com/sharepoint_auditing.html?rid=gDd88kwH ) that helps to generate the comprehensive report which are basis on audit records of list, list items and track users activity on SharePoint server. It allows to easily track all end-user operations and gives the complete visibility of SharePoint Server (Who has done and What, When, Where, changes on the server and at which SharePoint site ).
ReplyDelete