The Role of Reporting in GovernanceChristian BuckleyAxcelercbuck@axceler.com

Some of the questions we’ll ask during this webinar:• What is the role of reporting in my

SharePoint governance strategy?• Around which areas of SharePoint should

I capture data?• What data is available out of the box in

SharePoint 2007 and 2010?• What are the best practices for capturing

the data that SharePoint doesn’t provide?

AboutChristian Buckley, Director of Product Evangelism at Axceler• Microsoft MVP for SharePoint Server• Most recently at Microsoft, part of the Microsoft Managed

Services team (now Office365-Dedicated) and then Advertising Operations

• Prior to Microsoft, was a senior consultant, working in the software, supply chain, and grid technology spaces focusing on collaboration

• Co-founded and sold a collaboration software company to Rational Software. At another startup (E2open), helped design, build, and deploy a SharePoint-like collaboration platform (Collaboration Manager), onboarding numerous high-tech manufacturing companies, including Hitachi, Matsushita (Panasonic), and Seagate

• Co-authored ‘Microsoft SharePoint 2010: Creating and Implementing Real-World Projects’ link (MS Press, March 2012) and 3 books on software configuration management.

• Twitter: @buckleyplanet Blog: buckleyplanet.com Email: cbuck@axceler.com

Get the Book

Just released from Microsoft PressOrder your copy at http://oreil.ly/qC4loT

Tackle 10 common business problems with proven SharePoint solutions• Set up a help desk solution to track service

requests• Build a modest project management system• Design a scheduling system to manage resources• Create a site to support geographically dispersed

teams• Implement a course registration system• Build a learning center with training classes and

resources• Design a team blog platform to review content• Create a process to coordinate RFP responses• Set up a FAQ system to help users find answers

quickly• Implement a cost-effective contact management

system

Axceler Overview

Improving Collaboration since 2007Mission: To enable enterprises to simplify, optimize, and secure their collaborative platforms

Delivered award-winning administration and migration software since 1994, for SharePoint since 2007Over 2,000 global customers

Dramatically improve the management of SharePoint

Innovative products that improve security, scalability, reliability, “deployability”Making IT more effective and efficient and lower the total cost of ownership

Focus on solving specific SharePoint problems (Administration & Migration)

Coach enterprises on SharePoint best practicesGive administrators the most innovative tools availableAnticipate customers’ needsDeliver best of breed offeringsStay in lock step with SharePoint development and market trends

Definitions

Governance is about taking action to help your organization organize, optimize, and manage your systems and resources.

A governance strategy is never static – it is

a living, breathing process and a set of rules

that you should live by, not die by!

Your governance strategy needs to be adaptable to meet the growing, changing needs of your business.

• SharePoint out of the box is a powerful platform

• But many organizations don’t think they have the time, money, people to spend on planning

• The same can be said for governance• The result?

o Site sprawlo Unfettered contento Process lawlessness

Why are we talking about governance?

• Central to your governance implementation is understanding and managing what is happening within your SharePoint environment• Identifying, assessing, and prioritizing• Measuring and monitoring• Reviewing and modifying your governance strategy

based on changing data (and risks you identify)• Creating policies that secure and protect, but are

also flexible enough to meet the growing demands of your organization to collaborate

Why are we talking about reporting?

Governance Strategy

Roles and Responsibiliti

es

Principles

Culture

Communication

Change Management

Risk Management

Information Architecture

Business Alignment

Monitoring and

Maintenance

Reporting Strategies

OverviewSharePoint reporting is an extremely broad topic, with different requirements based on site, site collection, and farm-level roles and requirements.

For Administrators, timely and accurate reporting can help maintain governance rules and compliance policies, and to help monitor growth and scalability issues.

For example, the ability to audit permissions, review site and content activity, and monitor content database size and performance are all important aspects of SharePoint administration reporting, but what is available out-of-the-box can be very limited. The problem is that the data needed to provide these reports can be difficult to surface, with much of it only available at the site level – in other words, it is not easily captured across sites, site collections, or multiple farms.

Reporting AreasSharePoint administration reporting can be separated into five different categories:

Permissions• Troubleshooting why users cannot see the content they should• Reporting for different types of compliance• Auditing who has access to sensitive content

Usage/Activity• Finding what content is, or is not, being used• Planning for future growth• Understanding hardware requirements

Storage• Monitoring growth for performance reasons• Understanding hardware requirements • Reorganizing taxonomy based on Storage needs

Audit• Needing to show who accessed what and when, to adhere to internal or external compliance

requirements

Performance• Monitoring page load times to uncover problems • Planning for increased usage

Permissions Reporting

PermissionsPermissions reporting is critical to your business for a number of reasons, such as

AuditingMaintaining accurate user access recordsTroubleshooting functionality problems that most commonly stem from end users trying to perform a task without having the correct permissions.

Missing from SharePoint is the ability to perform centralized management and reporting of all permissions Gathering the data you need is time consuming, as it is mostly available only at the site level, which makes real-time reporting impossible. While functionality in SP2010 has been greatly improved, unfortunately the reporting is still not very robust. Administrators need farm-wide visibility.

Permissions Reporting in 2007Out-of-the-box permissions reporting in SharePoint 2007 is not easy to generate. It is a very manual process that involves compiling site data at the local level, as well as collecting permissions data from all other relevant sources in the object model. Once collected, it must be aggregated and saved locally to make reporting meaningful and relevant, and to enable sharing with others in the organization. One other option is to write custom reports using the SharePoint object model.

Permissions Reporting in 2010Permissions reporting in SharePoint 2010 has not improved much, unfortunately. However, there are a few new features in 2010 that improve permission management capabilities.

In addition, PowerShell commands can now be written to find users that have access to a site. However, with over 600 PowerShell commandlets available, this can be a complex activity in itself – and still requires the data to be normalized and reports compiled.

A new feature called “Check Permissions” provides Administrators the ability to verify the permissions of a user to a targeted site.

Reporting is still done per site, list, or item, which makes building reports on permissions a manual process. Additionally, it doesn’t provide the visibility and flexibility needed across multiple sites, site collections, or across the farm.

You have the option to create custom reports using the SharePoint object model – which requires advanced knowledge of the object model, the ability to access the SharePoint database, and depending on the quantity of data collected and reporting requirements, some kind of reporting tool to organize and format the data.

Usage and Activity Reporting

Usage / Activity Usage and activity reporting is a key tracking mechanism for capacity planning, disaster recovery planning, and to help the Administrator better prioritize and manage their environment on a day-to-day basis.

Activity reports are a great resource for monitoring and measuring user adoption, ensuring the business is getting the most out of their investment.

Usage and Activity Reporting in 2007

Reports on usage and activity can only be generated by Site Collection Administrators and Site Administrators (this is only available in MOSS 2007, not within WSS 3.0). A few examples of these reports are as follows:

Request per day over the past 30 daysAverage requests per day by month for the past 12 monthsList of top pages over the past 30 daysUnique users graph over the past 30 daysThe following is an example of site usage reporting:

Unlike permissions reporting, there is quite a bit of activity reporting available out of the box with SharePoint 2007, but you need to dig to find the datayou need.

Most reports are available only at the site level, and not in an aggregated view. Data only goes back 30 days making it difficult to build long term reports and show trending from a longer range perspective.

Most orgs require long-term reports,spanning many sites and site collections which can be time consuming withSharePoint out of the box.

Usage and Activity Reporting in 2010

As with SharePoint 2007, reports on usage and activity can be generated by Site Collection Administrators and Site Administrators in 2010.

The following is an example of an out-of-the-box site usage report:

Similar to 2007, you must spend time digging to find the data you need in SharePoint 2010, with most reports available only in un-aggregated views at the site level.

Usage and Activity Reporting in 2010

Global visibility into how SharePoint is used is critical for Administrators for a couple key reasons:

You need to provide the business and your management team with robust reports that show them how SharePoint is being used. Understanding how SharePoint is used helps Administrators make educated design, architecture, and taxonomy choices.

Storage Reporting

StorageAnalyzing storage is extremely important for capacity planning, and for understanding the growth and performance requirements of each team within your organization.

The best practice of monitoring and setting limits on the size of SharePoint sites should be an important part of your governance policies.

The next step to setting these governance policies is tracking usage and ensuring end users have the storage they require to meet their business needs.

Storage Reporting in 2007Reports on storage can be generated by Site Collection Administrators and Site Administrators. These reports show:

Document libraries including size, number of items, last modified date, and pathDocuments including type, size, last modified, and pathLists including type, name, size, items, last modified, and path

 The following is an example of site storage reporting in SharePoint 2007:

Storage Reporting in 2007Storage reporting out-of-the-box provides you with some of the essentials you need for managing your environment.

Most Administrators augment this reporting by accessing the back-end servers directly and performing analysis and reporting from the SQL Server.

Other reports you might consider in SharePoint to help proactively manage storage include quotas management in Central Administration storage used per site collection, or by assigned site quota.

Other important reports not available out-of-the-box in SharePoint include long term trends in storage and content database analysis.

Storage Reporting in 2010Reports on storage can be generated by Site Collection Administrators across multiple sites, but not at the individual site level. The reports show storage usage by site, and a trend on growth based on time frame. Surprisingly, in SharePoint 2010 there is actually less detail in these reports than was available in 2007. The following is an example of site storage reporting in SharePoint 2010:

Some of the additional storage reporting that Administrators may consider developing to extend their environmental visibility and better manage capacity planning controls may be things like long term trends in storage, content database analysis, list detail, and item-level analysis reports.

Audit Reporting

AuditsAudit reporting has become an essential area of focus for many SharePoint administrators as the platform becomes more widely adopted and business critical. As part of this expansion, there is the need for stronger governance, which is maintained through both technology and procedural best practices. Requirements for audit reporting can come from different sources. For example,

IT may require additional data as part of capacity planning for future growth. Legal may oversee internal or external audits requiring Administrators to produce reports that show all users that accessed a certain item in a given time period.

As SharePoint grows within an organization, and as more secure content is housed in SharePoint, auditing can provide administrators with the tools needed to manage the major events and changes happening inside of the environment.

Audit Reports in 2007SharePoint records audit data when auditing is enabled on a site collection. Site Collection Administrators can then view these audit records.

Audit records include data on events that get recorded

Event details includes user IDs associated with event, site of event, item type (page, document, list), event date and time, event description (view, check out), and item name and URL

Audit Reports in 2010There are no changes or updates in how auditing data is captured or reported on in SharePoint 2010.

Site Collection Administrators still maintain ownership of the audit records.

Performance Reporting

PerformanceMost SharePoint performance reporting comes from outside of the platform, either through customer scripts and reporting against the farm, or through third-party monitoring and performance tools.

Most performance reporting is owned by operations, not the SharePoint Administrator / End User community, however Microsoft and members of the SharePoint partner ecosystem are constantly adding toolkits and solutions to help with this gap.

Performance Reporting in 2007

SharePoint 2007 does not have much in the way of performance monitoring. Windows event logs can provide some detail on issues in SharePoint.

There is more robust reporting on performance in SharePoint 2010.

Performance Reporting in 2010

SharePoint 2010 has made great strides in the performance area. Central Administration has a whole section for monitoring, which includes Health Analyzer, timer jobs, and detailed reporting.

The robust performance features in SP2010 make it very easy to identify problem areas in SharePoint.

Other Reporting Options

SharePoint Diagnostic Studio 2010 (SPDiag 3.0)

Microsoft SharePoint Diagnostic Studio 2010 (SPDiag version 3.0) was created to simplify and standardize troubleshooting of Microsoft SharePoint 2010 Products, and to provide a unified view of collected data. Administrators of SharePoint 2010 Products can use SPDiag 3.0 to gather relevant information from a farm, display the results in a meaningful way, identify performance issues, and share or export the collected data and reports for analysis by Microsoft support personnel. (http://technet.microsoft.com/en-us/library/hh144782(v=office.14).aspx)

SharePoint Diagnostic Studio 2010 (SPDiag 3.0)

Preconfigured reports:HTTP Requests (all HTTP requests across the farm)Windows Events (critical data from the Windows event logs in the farm)ULS Trace Issues (issues in the unified logging service trace logs)Timer Jobs (all timer job executions)Performance Counters (performance data from counters in the usage database)SQL Server Query IO Over Time (expensive stored procedures input/output over time)CPU (processor usage)Process Memory (available physical memory in MB)SQL Read Intensive Traces (large volume SQL Server queries)Latency Tier Breakdown (moving average of server-side HTTP request page latency)Changed Objects/Types (changes to object types based on the change log)Changed Objects/Types Per database (same as above, by specific content database)Latency All Requests, Percentiles (duration of all requests)SQL Deadlocks (shows deadlocks over time)SQL Blocking (lists SQL queries that have blocked other SQL queries)Availability Report (charts the availability of the HTTP web service)SQL Overview Report (tracks overall health of SQL Server)Worker Process Recycles (scheduled recycle jobs)Failed User Requests (list of failed or slow requests)Crashes (all of the IIS worker process crashes)Requests Per URL (most frequently requested URLs)Requests Per User (percentage of requests made by the most common user accounts)Application Workload (time spent serving requests from various client applications)Requests Per Site (percentage of requests made to each site in the farm)

Other OptionsMany Administrators look at alternate reporting methods to supplement what comes out-of-the-box in SharePoint. Some of these options may require advanced permissions, which may limit what most Site and Site Collection administrators can accomplish, such as custom reporting using the SharePoint Object Model, and SQL reporting. Using SharePoint Designer is a great way to build out custom reports, but suffers from many of the same limitations in scope and visibility as out-of-the-box reporting. There is also a growing interest in using PowerShell. With over 600 PowerShell commands for SharePoint, the learning curve is higher, and reporting is still very manual with the data needing to be aggregated and formatted.

SummaryOut-of-the-box, SharePoint provides you with the basics necessary to manage your SharePoint environment.

While this may be sufficient for some companies, others may require more robust data to help them monitor and manage their SharePoint deployments. As with any enterprise product, understand what your business needs and the features available to your company.

Getting the data you need requires you to be a little creative, and to either build something yourself – or buy something off the shelf.

Planning is Key

Planning is keyUtilize your established PM methodologyFollow these simple, and universal, guidelines for planning:

Understand your business objectivesUnderstand your end user expectationsUnderstand your governance modelTake feedback, iterate on your planMake your efforts transparent

Best PracticesIdentify a governance championClarify roles and responsibilities, and make sure people know what they are signing up forDocument your governance and change management processesClarify and document your information architecture, have a detailed map of your templates, content types, taxonomy and ownership of eachMaintain a list of current risks, make it visibleProvide a list of current and future projects / business activities to allow open dialog of potential risks

Make decisions about your platform based on data, not just “best practices” Have a plan for tracking and measuring key performance indicators and analyticsMake people accountable by

Making the data visible, transparentClarifying potential impactsConstantly reviewing how data is captured, whether it shows an accurate picture of what is happening

In Summary….

Contact me

Order your copy at http://oreil.ly/qC4loT

Christian Buckleycbuck@axceler.com+1 425-246-2823@buckleyPLANETwww.buckleyPLANET.com and http://info.axceler.com

Additional Resources availableDeveloping and Enforcing SharePoint Governance Policies with Axceler ControlPoint http://bit.ly/SJVq8aWhat to Look for in a SharePoint Management Tool http://bit.ly/l26ida The Five Secrets to Controlling Your SharePoint Environment http://bit.ly/kzdTjZ