Chat now with support
Chat with Support

ControlPoint 8.6.1 - Administration Guide

Preface Configuring the Environment in Which ControlPoint Will Run The ControlPoint Configuration Site Managing Your Farm List Managing Your ControlPoint License Granting ControlPoint Access to Web Applications and Content Databases Configuring ControlPoint Services Using Discovery to Collect Information for the ControlPoint Database Cache Using Sensitive Content Manager Services Setting Sensitive Content Manager EndPoints and Managing Scanning Preferences Managing ControlPoint Configuration and Permissions Modifying ControlPoint Configuration Settings
Changing Default Settings for Actions and Analyses
Supress "Item is inherited - no processing done" Message(SkipNotDoneMsg) Maximum Line Items in Real-time (REPCAP) "Use Cached Data" Default Value (CACHEDREP) Abort Report Processing on Error (ABORTREPORTONERROR) Display "Include users with AD group membership" Parameter (SHOWADGROUPS) Copy/Move Default Temporary Location (TEMPLOCATION) Time to Retain Page Data in Cache (CACHEREPORT4) Time to Retain Temporary UI Objects in Cache (UICACHEDURATION) Number of Reports to Keep in Memory After Drill-Down (RVSESSIONSKEPT) Exclude Web Application(s) from Statistics List (DASHBOARDWAPEXCLUDE) Number of List Items to Display in Selection Grid (DISPLAYSINGLELISTITEMS) Use Activity Min. Date as Start Date (UseActivityDbDate) "Show unique permissions only" Default Value (SHOWUNIQUEPERMONLY) Duplicate Files Report Limit (DuplicateFilesReportLimit) Users to Exclude from Reports (EXCLUDEDUSERS) Eliminate Claims Prefix from Username in Reports (UseCleanedLoginNameInReports) Maximum Number of Orphaned Users to Delete Per Scheduled Batch (OrphanDeleteBatchSize) CSV Delimiter Character (CSVDELIMETER) Largest Active Directory Group to Expand in Reports (MAXMEMBERS) Maximum Number of Users to Act On (MAXUSERSFORACTION) Hide the "Set User Direct Permissions" Action in Permissions Management (PREVENTUSERPERMS) Prevent Set Site Collection Quotas (PreventSetSCQuota) Show Nested Active Directory Groups (PROCESSADHIERARCHY) Hide Interactive Analysis Link (RESTRICTSL) Use Minimum Activity Date as Start Date (USEACTIVITYDBDATES)
Changing Default Settings to Improve Application Performance Audit Log Configuration Settings Changing Settings for Anomalous Activity Detection Restricting Functionality for Members of the Business Administrators Group Changing Default Settings for ControlPoint User Groups Changing Settings to Improve Discovery Performance Changing Settings to Accommodate Special Environmental Factors Changing Default Settings for Navigation Managing Site Provisioning Settings Specifying Global Settings for ControlPoint Policies Setting Preferences for the ControlPoint Scheduler Miscellaneous and Custom Configuration Settings Special-Purpose Configuration Settings
Changing Trace Switch Logging Levels Archiving SharePoint Audit Log Data Troubleshooting
ControlPoint Log Files Troubleshooting Configuration Errors Troubleshooting the ControlPoint Application Interface Troubleshooting Discovery Troubleshooting SharePoint Users and Permissions Troubleshooting Site Provisioning Troubleshooting ControlPoint Operations

Audit Log Configuration Settings

These configuration settings display in the ControlPoint Settings list under the category Audit Log.

For settings in this category that apply to ControlPoint Sentinel for Anomalous Activity Detection, see Changing Settings for Aomalous Activity Detection.

 

ArchiveAuditLog Configuration Settings

The following three settings are exclusive to ControlPoint Archive Audit Log Data processing:

·Archive Audit Log Table Connection String

·Web Applications to Include in Audit Logs

·Number of Hours Worth of Data to Archive at One Time.

For information on using these configuration settings within the context of audit log data archiving, see Archiving SharePoint Audit Log Data.

 

Number of Days to Keep Audit Records (AUDITMAXDAYS)

When auditing is enabled for a SharePoint site collection (either from within SharePoint or using the ControlPoint Set Site Collection Properties feature), SharePoint keeps records of audited actions and events in the content database(s). It is from this history that ControlPoint Audit Log analyses can be run.  

ControlPoint provides an option to purge audit data so that content databases are not overloaded.  By default, no purging is done (as indicated by a Value of 0). ControlPoint Application Administrators can change this retention period by modifying the Value for the ControlPoint Setting Number of Days to Keep Audit Records (AUDITMAXDAYS).

Audit history is purged up to the number of days specified by the ControlPoint Discovery process

Config Settings AUDITMAXDAYS

If the default Value is kept, the audit records will never be purged.  Keep in mind however, the longer audit history is retained, the more storage space it will use in content databases.  Alternatively, you can archive audit log data to free up storage space using ControlPoint xcUtilities.  See Archiving SharePoint Audit Log Data.

Tips for Archiving a Large Accumulation of Audit Data

If you have many months or even years' worth of accumulated data to purge, doing all of it in a single operation can be resource-intensive and can perform slowly.   It is recommended, therefore, that you initially set AUDITMAXDAYS to a larger number, then incrementally reduce that number before each subsequent Discovery run until you have reached the number of days' worth that you want to retain on an ongoing basis.

EXAMPLE:

Suppose 1,000 days' worth of audit log data has accumulated on your farm, but going forward you only want to retain 60 days' worth.  Depending on the size of your farm, purging 940 days worth of data in a single operation might significantly slow down the Discovery job. To avoid this problem, you may want to initially set the AUDITMAXDAYS Value to 800 (that is, purge 200 days' worth) of audit log data.  After the Discovery job has completed, you may want to bring the number down to 600 (that is, purge another 200 or so days' worth), and so on, until you have reduced the amount of audit log data in the database to a manageable amount.  You can then set and leave the Value at 60, saving only the amount that you want to retain on an ongoing basis.

 

Excluding Users from Audit Log Analyses (ExcludeUsersAudit)

By default, unless one or more users are specified in the People Picker, all SharePoint users are included in the ControlPoint Audit Log analysis.

ControlPoint Application Administrators can, however, exclude certain users from these analyses by entering the user account name(s) as the Value for the ControlPoint Configuration Setting Users to Exclude from Audit Log Analyses (ExcludedUsersAudit).  Enter multiple account names as a comma-separated list.

You may, for example, want to exclude common system accounts such as SharePoint\System.

NOTE:  You must exclude users based on full account names (sometimes known as pre-Windows 2000 account names in Active Directory), not display names.  For example, you cannot exclude system accounts by entering the display name System Account.

Config Settings ExcludeUsersAudit

Note that you can still run Audit Log analyses on excluded users if you enter them in the People Picker.  

NOTE:  Users can be excluded from permissions and activity analyses via the ControlPoint Configuration Setting Users to Exclude from Reports (EXCLUDEDUSERS).

 

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating