Before you start creating a monitoring plan to audit your SharePoint farm, plan for the account that will be used for data collection – it should meet the requirements listed below. Then you will provide this account in the monitoring plan wizard.
On the target SharePoint farm:
On the SharePoint server where the Netwrix Auditor Core Service will be deployed: the account must be a member of the local Administrators group.
To learn more about Netwrix Auditor Core Services, refer to Installing Core Services to Audit User Activity and SharePoint (Optional).
- On the SQL Server hosting SharePoint database: the SharePoint_Shell_Access role.
See Assigning 'SharePoint_Shell_Access' Role
- If you plan to collect state-in-time data from a SharePoint farm, the account should also meet the requirements below:
- for site collection processing – lock status for this account must differ from No access
- for web application processing – the following permissions must be assigned to this account:
- Open items
- View items
- Browse directories
- View pages
- Browse user information
- Enumerate permissions