eG Help

The access request feature allows people to request access to content that they do not currently have permission to see. As a site owner, you can configure the feature to send you mail when someone requests access to a site. You can then choose whether to approve or decline their request. If you approve the request, you can also specify the specific level of permission you'd like to assign to a user.

The access request feature also works together with the Share command for sites. If someone who is not a site owner for a site (that is, someone who does not have full control for a site) uses the Share command to invite other people to view a site, then that action will generate an access request for the site owner. The site owner can then approve or decline the request, or specify the permission level to be assigned to the new user.

At some other times, instead of sending out Share invitations to other users to view the contents of a site, users may choose to share a link to the site with other users. These users can be members of your organization or guest users who are external to your organization.

However, regardless of how a site's contents are accessed (whether it is by requesting access, or via sharing invitations, or via sharing links), maintaining the security and integrity of the data stored in the sites at all times is of utmost importance to administrators! This is why, it is super-imperative that administrators monitor access requests, sharing invitations, and sharing links, promptly capture all activities related to these operations (eg., request creation, request acceptance, invite creation, link creation, invite withdrawal, etc.) as and when they occur, and closely scrutinize them to understand who initiated the operation, on which site, and from where. This is exactly what the SPOSharngActTest test helps administrators do!

This test tracks access and sharing operations from the time of their creation to their acceptance/withdrawal, and captures and reports the number of times every activity related to each of these operations is performed. Detailed diagnostics shed more light on these activities by revealing the users who initiated them, the clients from which the activities were initiated, and even the sites that were impacted. This will enable administrators to efficiently audit these sensitive activities and ensure that they are performed only by authorized individuals on sites that such individuals have control over. Additionally, the test also provides administrators with a measure of the workload that such operations and their related activities impose on SharePoint Online.

Outputs of the test : One set of results for the Office 365 tenant being monitored.

Measurement	Description	Measurement Unit	Interpretation
Total_operations	Indicates the total number of access request and sharing-related operations that were performed by users of SharePoint Online.	Number	The value of this measure is the sum of the values of all measures reported under the section Sharing and access request Operations, in the Layers tab page of the eG monitoring console
Unique_operations	Indicates the count of unique access request and sharing-related operations that were performed on SharePoint Online.	Number	To know which operations were performed, use the detailed diagnosis of this measure.
Unique_users	Indicates the count of unique users who performed operations related to access requests and sharing.	Number	To know which are the users who performed access request and sharing-related operations, use the detailed diagnosis of this measure.
Unique_client_IPs	Indicates the number of unique clients from which the users initiated the access requests and operations.	Number	Use the detailed diagnosis of this measure to determine the IP addresses of the clients from which users performed an access request or sharing-related operation.
Unique_sites	Indicates the number of unique sites on which the access request and sharing-related operations were performed.	Number	Use the detailed diagnosis of the SharePoint Online sites on which access request and sharing-related operations were performed.
Affected_item_types	Indicates the number of types (file/folder/site) of items that were affected by access request and sharing-related operations.	Number	To know what type of items were affected by the access request and sharing-related operations, use the detailed diagnosis of this measure.
Unique_destinations	Indicates the destination URLs of the access request and sharing-related operations that were performed.	Number	To know the unique destination URLs, use the detailed diagnosis of this measure.
Unique_user_agents	Indicates the unique user agents of browsers used for performing access request and sharing-related operations.	Number	To know the unique user-agent strings of the browsers used in access request and sharing-related operations, use the detailed diagnosis of this measure.
Access_req_acceptance	Indicates the number of access requests that were accepted.	Number	A non-zero value for this measure implies that an access request to a site, folder, or document was accepted and the requesting user has been granted access.
Sharng_invitatn_acceptnc	Indicates the number of sharing invitations that were accepted.	Number	If this measure reports a non-zero value, it means that one/more users have accepted sharing invitations, thus obtaining access to that resources that are shared.
Sharng_invitatn_blocked	Indicates the number of sharing invitations that were blocked.	Number	A sharing invitation sent by a user in your organization is blocked because of an external sharing policy that either allows or denies external sharing based on the domain of the target user. In this case, the sharing invitation was blocked because: The target user's domain isn't included in the list of allowed domains; (Or) The target user's domain is included in the list of blocked domains.
Company_link_creations	Indicates the number of company links created.	Number	Company-wide links can only be used by members in your organization. They cannot be used by guests.
Access_request_creations	Indicates the number of access requests created.	Number	A non-zero value for this measure implies that one/more users have access to one/more sites, documents, or folders they do not have permissions to access.
Anonymous_link_creations	Indicates the number of anonymous links that have been created.	Number	Documents and folders (but not sites) can be shared via an anonymous link where anyone with the link can view or edit the document, or upload to the folder. Though this is the least restrictive of sharing options, administrators must exercise caution when granting an external user an anonymous link to edit a resource
Sharng_invitatn_creation	Indicates the number of sharing invitations created.	Number	A non-zero value for this measure indicates that one/more users invited other users who are not in your organization's directory to share a resource in SharePoint Online or OneDrive for Business.
Access_request_denials	Indicates the count of access requests that were declined.	Number	A non-zero value denotes that access requests to one/more sites, folders, or documents were denied.
Company_link_removals	Indicates the count of company-wide links that were removed.	Number	Once a company-wide link or anonymous link is removed, that link can no longer be used to access the resource.
Anonymous_link_removals	Indicates the count of anonymous links that were removed.	Number
File_Folder_Site_share	Indicates the number of files/folders/sites that were shared with other users.	Number
Anonymous_link_updates	Indicates the number of anonymous link updates that occurred.	Number
Anonymous_link_usage	Indicates the number of times resources were accessed by anonymous users using one/more anonymous links.	Number	If this measure reports a non-zero value, then use the detailed diagnosis of the Unique_users measure to identify the IP address of the clients from which the anonymous accesses happened.
Sharing_revokes	Indicates the number of shares that were revoked.	Number	A non-zero value for this measure indicates that users have unshared one/more files, folders, or sites that were previously shared with other users.
Company_link_usage	Indicates the number of times company-wide links were used by users to access resources.	Number	If this measure reports a non-zero value, then use the detailed diagnosis of the Unique_users measure to identify the users who revoked sharing invitations.
Sharng_invitatn_withdrw	Indicates the count of sharing invitations withdrawn.	Number	A non-zero value for this measure is indicative of one/more sharing invitations that were withdrawn. To withdraw a sharing invitation that has already been sent to an external user, you need to revoke the invitation before it is accepted.