Doing work is one thing. Proving you did it is another. For the latter task, California-based Netwrix just released Auditor for SharePoint.

The company, founded in 2006, claims it is the first to offer complete visibility into every part of SharePoint changes, whether they are made to security, content or the farm configuration, as well as changes to systems that may be integrated with SharePoint, such as SQL servers or active directories.

In contrast, Netwrix says, other tools on the market provide point solutions for SharePoint only, and they often rely on SharePoint's built-in auditing functionality. CEO Michael Fimin says those native capabilities are not enough.

A More Complete Solution?

"SharePoint native auditing is simply not enabled in many organizations," he told CMSWire. When it is, he added, native auditing stores "all audit trails into the same databases with the SharePoint content, such as sites and documents," which quickly makes them grow beyond manageable size and can affect the software's performance.

Additionally, he said, native SharePoint auditing "works good enough only for a relatively simple task," such as a specific answer about a document change. To get an audit report covering several site collections, he said, "you find yourself copying and pasting data between a bunch of separate Excel spreadsheets." He noted that this could involve dozens, possibly hundreds and even tens of thousands of site collections.

Fimin told us Netwrix Auditor stores data outside of SharePoint, and enables the retrieval of specific answers.


A screen from Netwrix Auditor for SharePoint

"For example," he said, "you may be investigating particular user activity and want to see all actions by this user in the entire SharePoint farm. Another example would be a periodic report to confirm security policies, [permissions] and best practices are not violated."

Netwrix is designed to capture farm configuration and security changes in the Central Administration, which can include modifications of permissions, group membership, permission levels and security policies.