Microsoft Windows SharePoint Services 3.0 includes a powerful new infrastructure for auditing user access to pages, and document and list items. You can enable auditing for an entire site collection, but it can be more efficient to enable auditing with more granularity. For example, you might want to enable auditing for one specific list or document library. You can go even further and just enable auditing for one specific list item or one specific document.
In the Windows SharePoint Services object model, SPList objects and SPListItem objects expose an Audit property that makes it possible to configure auditing. The following example shows how to enable auditing of two types of auditable events in a single document library.
While the previous example demonstrates how to enable auditing for just view delete activity or child delete activity, you have a few more options. Following is the complete set of SPAuditMaskType values that provide control over different types of auditing for events that can occur to a document library.
In Windows SharePoint Services, auditing support is configured on a site collection-by-site collection basis. You can enable auditing for an entire site collection by programming against the Audit property of an SPSite object. However, this "course-grained" approach might not be efficient for large site collections that experience a significant volume of traffic.
When you set the audit flags for a document library, you are auditing only the events that occur to the document library itself–not setting those flags for events that occur on both the document library and all of the documents inside. For example, if you view the entire document library, that event is recorded, but if you update a document in a document library, that event is not recorded.
Several different types of objects in the Windows SharePoint Services object model are auditable, including SPSite, SPWeb, SPList and SPListItem. Each of these object types exposes an Audit property that can be configured by using values of the SPAuditMaskType enumeration types, as you have just seen. You can use a value of SPAuditMaskType.All to enable auditing for every type of event that is supported by Windows SharePoint Services. You can also perform a bitwiseOR operation on values from the SPAuditMaskType enumeration to get the specific auditing support that you need for the scenario at hand.
Remember that only the audit settings on the SPSite object have the "trickle down" effect to objects in the site. Audit settings on child object types such as SPWeb, SPList, and SPDocumentLibrary do not trickle down. Therefore, if your auditing solutions require more granularity than a single set of audit flag settings at the SPSite object level, you should use the SPLIstItem class to configure audit settings on individual list items and documents.