Blog Post

Core Infrastructure and Security Blog
2 MIN READ

Auditing and the WorkFlow history list in MOSS 2007

Christopher Weaver's avatar
May 15, 2019

First published on TECHNET on Jan 14, 2015

Hello All,

 

Recently I was working with a customer who has MOSS 2007 and as we are making improvements to this environment I realized that they had disabled the WorkFlow Cleanup Timer Job I then discovered that they had done this becuase somebody had told them to do this so that Site Collection owners could have audit logs using those lists...sigh

 

This SHOULD NOT BE DONE, the lists are not secured properly to be used as Audit logs, SharePoint does audit functionality built in and that is what you should use.  Here is the meat of the e-mail I sent to my customer to help them decide how to proceed.

 

I highly recommend that you look at this project as a solution http://msdn.microsoft.com/en-us/magazine/cc794261.aspx

 

 



First as I have mentioned in the past Workflow history lists were never intended to be used for auditing, and do not meet security requirements as regular users could gain access and edit entries.  Along the same lines writing to a list would be unacceptable for the same reason.  Please see this article for a note about Workflow History lists http://technet.microsoft.com/en-us/library/ee662522(v=office.14).aspx .

 

This leaves us with two choices the OOB audit functionality that is built into SharePoint or a 3 rd party tool, since this seems to be the only site that requires auditing (Please correct me if I’m wrong) I would recommend the OOB functionality as being the more cost effective choice.  Here is some relevant information about the audit functionality.

 

 




    1. Auditing and reporting is done at the Site Collection level

 


    1. OOB there is limited setting that can be modified for Auditing, but it is customizable

 


    1. There is an auditflag for WorkFlows which means we could gather information and then create a custom report to view that data.  We could implement this following advice in this article http://msdn.microsoft.com/en-us/magazine/cc794261.aspx NOTE: The exe in this article is not supported by Microsoft.



 

 

Configure audit settings for a site collection

 

https://support.office.com/en-US/Article/Configure-audit-settings-for-a-site-collection-c4ee05e1-2ebd-45f1-a254-d2350aa44ae0?ui=en-US&rs=en-US&ad=US

 

 

 

Events audited when audit logging is enabled (Office SharePoint Server)

 

http://technet.microsoft.com/en-us/library/cc824909(v=office.12).aspx

 

 

 

Custom Auditing In SharePoint

 

http://msdn.microsoft.com/en-us/magazine/cc794261.aspx

 

 

 

Item-Level Auditing with SharePoint Server 2007

 

http://msdn.microsoft.com/en-us/library/office/bb397403(v=office.12).aspx

 

 

Updated Apr 28, 2020
Version 3.0
No CommentsBe the first to comment