Groove Audit Service


Updated: April 1, 2008

Applies To: Groove Server 2007

This Office product will reach end of support on October 10, 2017. To stay supported, you will need to upgrade. For more information, see , Resources to help you upgrade your Office 2007 servers and clients.


Topic Last Modified: 2007-09-13

The Groove Audit service is an optional feature installation, provided with Groove Manager. This service, typically installed on a dedicated machine, is the audit data collection point for Groove tool and member events that take place on Groove clients registered with a management domain. Like its parent Groove Manager, it relies on SQL databases for storage. Domain administrators use a device policy defined in Groove Manager to schedule client audits and select the type of events to be audited.

Groove Auditing consists of four parts:

  • A Groove client-side audit log which securely collects Groove user events into an encrypted file.

  • The Groove client-side Audit Service which secures the audit log for upload to the Audit Server.

  • The Audit Server software which collects and decrypts the log data, then stores it in a SQL server database.

  • A Groove Manager device policy that defines what data should be audited on devices within a management domain.

Groove audit logs are immediately encrypted on clients upon event creation, and are decrypted only after arrival at the audit server, affording a highly secure auditing environment. In addition, NTFS permissions are used to prevent tampering with the logs and the Audit Service by unauthorized personnel.