SharePoint Online 获取Audit Log
前言
我们在使用SharePoint Online的时候,经常有用户希望获取Audit Log。
正文
我们都知道,SharePoint Online的Audit Log都保存在管理中心,这里,我就从网上找到一段PowerShell获取,大家可以参考
Get-PSSession | Where-Object { $_.ConfigurationName -eq 'Microsoft.Exchange' } | Remove-PSSession -ErrorAction SilentlyContinue $UserCredential = Get-Credential # Create the session to Exchange Online $Session = New-PSSession -ConfigurationName Microsoft.Exchange -Uri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection # Import the Exchange Online commands Import-PSSession $Session $csvFile = "D:\auditlog.csv" # Setup our start and end dates to pull back events $end = Get-Date $start = $end.AddDays(-90) $i = 1; $startTime = Get-Date do { $AuditData = Search-UnifiedAuditLog -StartDate $start -EndDate $end -RecordType SharePointFileOperation -ResultSize 5000 -SessionCommand ReturnLargeSet -SessionId "ExtractLogs" -SiteIds "19739e8e-c67c-452b-bc77-9d62dd3e1b6d" $ConvertedOutput = $AuditData | Select-Object -ExpandProperty AuditData | ConvertFrom-Json $ConvertedOutput | SELECT CreationTime,UserId,Operation,Workload,ObjectID,SiteUrl,SourceFileName,ClientIP,UserAgent | Export-csv $csvFile -NoTypeInformation -Append -Force Write-Host $i++ . $AuditData.Count $i = $i + 1; } Until($AuditData.Count -eq 0) $endTime = Get-Date Write-Host $startTime - $endTime
特别的
Get-Credential是通过打开浏览器,输入账号密码的方式进行认证的,这个认证方式其实多种多样,也有后台写死用户名密码的方式,或者通过pfx秘钥的方式,大家有需要也可以去找一找相关文档。
博文推荐: |
SharePoint 2013 WebPart 管理工具分享[开源] |
基于SharePoint 2013的论坛解决方案[开源] |
SharePoint 2013 学习基础系列入门教程 |
SharePoint 2013 图文开发系列之门教程 |
SharePoint Designer 学习系列入门教程 |
特:如果有SharePoint项目,欢迎邮件联系我,Email:linyu_s@163.com |