®   Auditing SharePoint Activity   for Compliance and Security Made possible by:                          © 2012 Monterey...
Brought to you by:                         LOG & EVENT MANAGERwww.logbinder.com         www.solarwinds.comRandy Franklin S...
Preview of Key PointsRisks of not auditing SharePointNative SharePoint audit foundationBuilding on the foundation      ...
Risks of not auditing                                  SharePointCustomer information disclosure Liability, notification...
Native SharePoint                              audit foundationAvailable in                      ® Window Server System ...
Native SharePoint                                       audit foundation Audit policy defined  Site collection level  L...
Native SharePoint                            audit foundationWhere is the SharePoint audit log? Stored in the content da...
Native SharePoint                           audit foundationAudit records written to internal table within content databa...
Native SharePoint                                audit foundation Rudimentary Excel® reports available  Audit codes, obj...
Native SharePoint                         audit foundationNo alertingAudit log purging introduced with SP2010           ...
Native SharePoint                            audit foundationLimitations in WSS and Foundation Audit engine present Aud...
Building on the foundationSharePoint                           LOG & EVENT MANAGER               Windows               Eve...
Turn data into information LOGbinder SP Agent                                     SharePoint  Translates SharePoint audi...
Take action                                    on the information SolarWinds LEM                   SharePoint  Built-in ...
Bottom Line SharePoint increasingly  used to store and process       Next steps  sensitive information             Down...
Upcoming SlideShare
Loading in …5
×

Log Auditing for SharePoint® with SolarWinds® LEM and LOGbinder SP

1,904 views

Published on

For more information on LEM, visit: http://www.solarwinds.com/log-event-manager.aspx


Watch this webcast: http://www.solarwinds.com/resources/webcasts/log-auditing-for-sharepoint-with-log-and-event-manager-and-logbinder.html

Watch how SolarWinds® and LOGbinder teams combined their effort to integrate the LOGbinder audit data into SolarWinds Log & Event Manager (LEM), and providing not only the required connector, but additional rules, filters, and reports for real-time monitoring and historical analysis of the Share Point auditing data. These rules, filters, and reports will help you make the most of both investments.

As more and more sensitive information makes its way into SharePoint the risk of not auditing SharePoint activity grows. If you don’t already feel the pressure to bring SharePoint audit logs into your SIEM / log management process you probably will soon as more regulators and auditors take notice of SharePoint’s explosive growth.

SharePoint has a built-in audit logging capability but 6 issues make SharePoint audit log management a technical challenge:

1. SharePoint's audit log does not provide the names of users or object
2. SharePoint's audit log is buried in SharePoint's SQL server content database.
3. SharePoint's audit log has no reporting.
4. Windows SharePoint Services provides no interface for enabling auditing at all.
5. SharePoint's audit log.
6. No way to manage audit policy.

Deploy SolarWinds Log & Event Manager (LEM); an award winning log and event correlation software for any size IT network management environment. LEMs node-based pricing is a perfect fit for any tight IT budget while proving all the power and ease of a SIEM solution for operations, compliance (PCI, HIPAA, NCUA, GLBA, NERC-CIP, FISMA, SOX) and security needs.

Is your organization using SharePoint? Perhaps you should check SolarWinds LEM out!

Download a full-featured, free 30-day trial now: http://www.solarwinds.com/log-event-manager.aspx

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,904
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
0
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Log Auditing for SharePoint® with SolarWinds® LEM and LOGbinder SP

  1. 1. ® Auditing SharePoint Activity for Compliance and Security Made possible by: © 2012 Monterey Technology Group Inc.
  2. 2. Brought to you by: LOG & EVENT MANAGERwww.logbinder.com www.solarwinds.comRandy Franklin Smith Rob JohnsonCreator of LOGbinder Sr. Sales Engineer © 2012 Monterey Technology Group Inc.
  3. 3. Preview of Key PointsRisks of not auditing SharePointNative SharePoint audit foundationBuilding on the foundation ® SolarWinds Log & Event Manager LOGbinder SP © 2012 Monterey Technology Group Inc.
  4. 4. Risks of not auditing SharePointCustomer information disclosure Liability, notification costs, loss of good willTrade secrets and intellectual propertyHuman resources dataRegulatory penalties and liability SOX PCI HIPAA GLBA © 2012 Monterey Technology Group Inc.
  5. 5. Native SharePoint audit foundationAvailable in ® Window Server System (WSS) 3.0 • Not exposed in the interface SharePoint 2007 SharePoint Foundation • Not exposed in the interface SharePoint 2010 © 2012 Monterey Technology Group Inc.
  6. 6. Native SharePoint audit foundation Audit policy defined  Site collection level  List/Library level  No way to set global audit policy or automatically audit new site collections What can you audit?  Changes to audit policy  Permission changes  Group membership changes  View  Check in/out  Delete/Update  Schema changes  Workflow  Search © 2012 Monterey Technology Group Inc.
  7. 7. Native SharePoint audit foundationWhere is the SharePoint audit log? Stored in the content database Accessible via Audit Reports under Site Collection AdministrationCan you rely on the native audit log? Provides an accurate audit trail But limitations exist © 2012 Monterey Technology Group Inc.
  8. 8. Native SharePoint audit foundationAudit records written to internal table within content database Inaccessible to log management solutions ® Consumes SQL/SharePoint storage Stores audit logs on same system where they are generated © 2012 Monterey Technology Group Inc.
  9. 9. Native SharePoint audit foundation Rudimentary Excel® reports available  Audit codes, object ID numbers, user and group ID numbers not translated
  10. 10. Native SharePoint audit foundationNo alertingAudit log purging introduced with SP2010 © 2012 Monterey Technology Group Inc.
  11. 11. Native SharePoint audit foundationLimitations in WSS and Foundation Audit engine present Auditing only possible through application that interfaces with SharePoint API © 2012 Monterey Technology Group Inc.
  12. 12. Building on the foundationSharePoint LOG & EVENT MANAGER Windows Event Log Alerts Reports Archive © 2012 Monterey Technology Group Inc.
  13. 13. Turn data into information LOGbinder SP Agent SharePoint  Translates SharePoint audit records into human readable audit LOG & EVENT MANAGER trail Windows  Sends SharePoint audit events to Event Log Alerts Reports Archive the Windows event log  Purges events after export © 2012 Monterey Technology Group Inc.
  14. 14. Take action on the information SolarWinds LEM SharePoint  Built-in support for LOGbinder SP LOG & EVENT MANAGER  Secure, long term log Windows archival Event Log Alerts Reports Archive  Alerting • Recommended default alerts already implemented  Reporting • Recommended reports already implemented • Schedule reports daily, weekly, monthly © 2012 Monterey Technology Group Inc.
  15. 15. Bottom Line SharePoint increasingly used to store and process Next steps sensitive information  Download evaluation copy Becoming an IT audit and compliance target  Schedule a demo Auditing, alerting, reporting is a must for any technology like SharePoint www.logbinder.com/sp SharePoint native auditing is a foundation technology www.solarwinds.com SolarWinds LEM with LOGbinder SP builds on that foundation to provide fully managed audit and security monitoring for SharePoint © 2012 Monterey Technology Group Inc.

×