Is there a log file where we can see if users try to access sites/pages they don't have access to or that haven't been shared with them?
Add a comment
|
1 Answer
The SharePoint log preserve some information related to Unauthorized Access Tries that saved in the log file as "Sending HTTP response 401 - text/plain:401 UNAUTHORIZED"
But, Unfortunately, the UserIdentityName is not preserved, it showed as null.
The entry log for Unauthorized Access looks like:
07/12/2017 12:03:23.34 w3wp.exe (0x464C) 0x2398 SharePoint Foundation General b6p2 Medium Sending HTTP response 401 - text/plain:401 UNAUTHORIZED. 6b83049e-3013-f067-48e5-5bee64a22c59
answered Jul 12, 2017 at 10:03