Netwrix Auditor for SharePoint

From a small company to a large enterprise, auditing is an integral part of the daily routine for the majority of organizations. In your daily work, you might have been receiving lots of requests for providing reports on changes in governance and security. If you are an administrator of a SharePoint farm then you need reports on changes to SharePoint farm configuration, content, security policies, security permissions, etc.

Using SharePoint native auditing tools, you will not get this kind of audit reports, which you can show to your clients or business owners to prove controls in your SharePoint environment are in place. But you can use auditing software from Netwrix to get auditing reports you need.

About Netwrix Corporation

Netwrix Corporation is a provider of IT auditing software for various IT systems such as Active Directory, Exchange Server, Office 365, file servers (Windows File Servers, EMC, and NetApp), SharePoint, SQL Server, VMware, Windows Server and others. Since 2006 Netwrix has earned more than 7000 customers.

Netwrix Auditor for SharePoint

Netwrix Auditor for SharePoint is one of the auditing software applications provided by Netwrix, which will be very much helpful for reporting. This solution automatically tracks all changes to SharePoint farm configuration, user content, permissions, group membership, and security policies, and provides audit reports on them, containing details on who changed what, when and where. Additionally, the product reports on access to content on SharePoint.

Using Netwrix Auditor for SharePoint, you get the following capabilities.

Report on SharePoint Site Changes

You will be able to get a report on such changes to SharePoint sites, as site deletion, site address modification, etc.

Report on SharePoint Content Changes

Oftentimes users ask: “I have uploaded some documents, but I am not able to see those documents now.” Netwrix Auditor for SharePoint will help find out what happened to SharePoint documents and address users’ questions.

It reports on what changes were made to the content, who made the changes and when. Moreover, it shows what type of content was changed and from which workstations these changes were made.

Report on SharePoint Permission Changes

Netwrix Auditor for SharePoint tracks who made changes to SharePoint permissions, what exactly was changed, when and on what sites changes were made.

Interactive Search

The Interactive Search feature helps to quickly browse audit data and find definite answers to questions about who changed what, when and where. Using the search it is very easy to detect anomalies in user behavior and investigate various threats.

Export the results or create custom reports meeting your specific requirements. The search criteria can be saved for later use and shared with other users.

Delegated Access to Audit Data

Enable different teams and stakeholders to access the actionable audit data whenever they need it via the Netwrix Auditor Client console that can be installed on an unlimited number of computers.

Out-of-the-Box Compliance Reports

Whenever you need to show the auditors that specific processes and controls are (and were always) in place, prove it with data. Netwrix Auditor provides out-of-the-box reports that are mapped toward specific regulatory compliance standards, including PCI DSS, HIPAA, SOX, FISMA/NIST800-53 and ISO/IEC 27001.

Security Investigations

Identify the root cause of malicious activities and collect evidence for compliance. Netwrix Auditor helps detect security incidents that put your IT systems or data at risk. It allows you to identify the root cause, from a broken system configuration to abuse of privileges—even if the cause lies in the distant past.

The Investigations feature enables you to import your archived audit trails into Netwrix Auditor and use them to build ad-hoc reports for key stakeholders and external compliance auditors.

Product Demo

Let’s take a look at how the solution works, how we can search the data and generate reports in it. When you open Netwrix Auditor, it will display buttons for launching different options:, Search, Reports, Subscriptions, Enterprise Overview, and Saved Searches.

Let’s first click the Enterprise button to see all changes across the whole environment. Here we can see what changes were made to such systems as Active Directory, Exchange Server, SQL Server, SharePoint, VMware, file servers, etc. The diagram will display the amount of changes in different systems.

Reports on SharePoint Changes

On the Home page of Netwrix Auditor, we can click on SharePoint to get a closer look at the changes in the SharePoint environment.

Once you click on SharePoint button, Netwrix Auditor first displays changes in a graphical way: by date, by users who made most changes, by site collections and by most modified object types.

To see changes in a particular site collection, simply click on its URL:

You’ll get a report on changes made to this site collection.

Likewise, we can see changes that happened to each object type like Document, List, Group, etc.

To view changes that happened to all documents simply click on the corresponding graph.

You’ll receive a report displaying all changes to documents inside any SharePoint site collection.

Similarly, all changes to groups will be displayed the following way:

Download Reports in Word, PDF or Excel

All reports can be exported in Word, PDF or Excel format.

Search Feature

On the home page of Netwrix Auditor click the Search icon.

Type in a search query in the search string to see the changes you are looking for. In this particular demo, I typed ‘document’.

As a result, I got the list of all changes to documents with the information on who made changes, what was changed, where and when the changes were made.

It is easy to save the search query to use it next time directly from the home page.

To save the search, click on Tools -> Save Search:

Once you saved a search, it will appear under Saved Searches on the home page. Next time onwards you can quickly repeat the search by clicking on this tile.

Reports

Netwrix Auditor for SharePoint provides predefined reports, and some of them are grouped by compliance standards. Double-click on Reports on the home page.

We can view the Compliance reports from the Compliance tab:

Here’s how a report on SharePoint Changes with Review Status looks like:

Subscribe to Reports via Email

You can subscribe to reports and get them into your mailbox by clicking “Subscribe”.

You can also choose the option to get an email on specific days or every month:

Upcoming Version

Netwrix has released a new version – Netwrix Auditor 8.0. It introduces:
– Netwrix Auditor for Office 365
– Netwrix Auditor for NetApp
– Netwrix Auditor for EMC

Conclusion

Overall, from my personal experience, Netwrix Auditor for SharePoint is a very effective product that enables monitoring of all the changes made within your SharePoint environment. With rich reporting capabilities, including search feature and compliance reports, it’s a very good auditing product. Apart from SharePoint changes, you can unify auditing of all IT changes with one platform. It is worth downloading a 20-day trial version to see the features and functionality of the product.

You may like the following SharePoint product reviews:

• Harmon.ie Mobile iOS product review for iPhone and iPod
• LepideMigrator for Documents Product Review (Kernel Migrator for SharePoint)
• DocRead for SharePoint Review (Collaboris)
• Datapolis Process System for SharePoint 2013 Product Review
• Infowise Ultimate forms SharePoint Product Review
• KWizCom Forms Enterprise Edition Product Review
• Office 365 Calendar Add-in by Virto Software Product Review
• Data Grids in SharePoint with Collabion A Product Review
• SharePoint Dashboards: Create Charts without using Code or Power BI