05/09/2012 Leave a comment
Auditing enables administrators to keep a reliable log of what is happening with important content on a site collection. Administrators are able to retrieve the entire history of actions taken by a particular user and can also retrieve the entire history of actions taken during a particular date range.In SharePoint Content Database we have a table named AuditData. This table stores audit logs when “Auditing” enabled in Site or List Libraries. But once you enabled “Auditing” this table size will growth continously and it will consume your storage space in your SQL Server quickly.At that point you’ll need to delete older audit logs which is stored in your content database
For SharePoint 2007 we have a STSADM command for clearing audit data for maintanence purporse (but it is depreciated in SharePoint 2010)
So clearing old auditlogs you may fallow
1) Open a Command Prompt as Administrator Privilegdes in your one of SharePoint Server
2) Change path to
cd c:\program files\common files\microsoft shared\web server extensions\12\Bin
3) Run fallowing command change it as your content database name
stsadm –o trimauditlog –date 20120822 –databasename MyContentDatabaseName
Important: The audit entries before given date are permanently deleted after this operation has run
This operation is not done automatically by SharePoint 2007 (it is by design) .This responsibility has assigned to System Administrators for maintenance and shoud be done manually by periodically.For more information about trimauditlog you can check:
For SharePoint 2010 we have a dedicated TimerJob for doing this operation .Default schedule is set by monthly.
1) Go to your Central Administration -> Monitoring -> Review Job definitions
I would like to inform you about someting when you run this timer job it will use the value of rentation (for example 3 ) which you set in Site Settings-> Site Collection Audit Settings .
Even you set the “Automatically trim the audit log for this site” yes and set rentation for 3 days (like in example) . the logs will not be deleted from Content Database until “Audit Log Trimming” timer job is run.After timer job runs the logs until rentation value ( 3 days in example) will be deleted.
What if you set “Automatically trim the audit log for this site” as No . How could you clear old logs ?
There is another way to do it by using PowerShell . you can able to give here a date as parameter like stsadm command.
1) Run SharePoint 2010 Powershell Console by administrator priviledges .
2) Type fallowing commands:
$site = Get-SPSite
$date = Get-Date “22/08/2012”
#(You need to check date format , type $date and press enter)
#Result like: 22 August 2012 00:00:00
#(and check the date is correct because it can be changed by regional settings. if date is in correct format )
You can fallow whats happening in background by tracing ULS logs in real time. And you can learn how many records are deleted.
//See you next article .