To determine if your SharePoint sites or objects have been shared externally, you can utilize either the SharePoint admin center or CoreView. The following steps will guide you on how to check this in CoreView:
- Go to the CoreView portal.
- Navigate to “Audit” in the side panel menu, select “SharePoint” and then “Sharing operations”.
- To check if your SharePoint sites or objects have been shared externally, apply a filter to the “Target user or group type” column. Simply type “Guest” into the filter.
- Additionally, you can refine your search by setting a specific timeframe. Simply select the desired number of days from the dropdown menu located in the top right corner.
Please be aware that Microsoft promises to retain your audit logs for either 30 or 90 days, depending on your license. However, CoreView extends this period by keeping your audit logs for a full year (12 months).
- Target User or group name: This allows you to see with whom the file was shared.
- Target User or group type: This identifies the type of the target user or group, which could be a Member, Guest, SharePointGroup, SecurityGroup, or Partner.
- Object Id: This column pinpoints the resource that the target user was granted access to.