MC686594 – To search or export the audit log, administrators or members of investigation teams must be assigned to at least one of the View-Only Audit Logs or Audit Logs roles. These roles can currently be assigned either through the Microsoft Purview Compliance portal or through the Exchange Admin Center. Starting February 2, 2024, Microsoft is simplifying Audit permissions management by ensuring you can manage access to Audit in accordance with your other Purview permissions controls directly from the Microsoft Purview Compliance portal. The ability to manage Audit permissions from Exchange Admin Center will cease to be available starting February 2, 2024. Microsoft recommends that you start using the Purview Compliance portal to manage Audit permissions and familiarize yourselves with the new permission controls. To minimize impact to your organization, all existing Audit permissions currently assigned in the Exchange Admin Center will be automatically configured in the Purview Compliance portal on February 2, 2024.
You can learn more about the new permission controls at Set up Audit (Standard) in Microsoft 365 | Microsoft Learn.
When this will happen:
Starting February 2, 2024, Microsoft is simplifying Audit permissions management by ensuring you can manage access to Audit within the Microsoft Purview Compliance portal. Starting February 2, 2024, you will no longer be able to manage Audit permissions using the Exchange Admin Center. Any Audit permissions assigned through the Exchange Admin Center on or before February 1, 2024 (existing or new permissions) will be automatically replicated into the permissions tab of the Microsoft Purview Compliance portal on February 2, 2024.
How this will affect your organization:
Microsoft recommends that you use the Purview Compliance portal to manage Audit permissions. Starting February 2, 2024, you will no longer be able to manage Audit permissions through the Exchange Admin Center.
You can learn more about the new permission controls at Set up Audit (Standard) in Microsoft 365 | Microsoft Learn.
What you need to do to prepare:
Microsoft recommends that you start using the Microsoft Purview Compliance portal to manage Audit permissions and familiarize yourselves with the permissions controls within the Microsoft Purview Compliance portal. You can start to manually reconfigure Audit permissions using the Microsoft Purview Compliance portal right away to get familiar with the new permission controls. Any existing Audit permissions assigned through the Exchange Admin Center on or before February 2, 2024, will be automatically configured into the permissions tab of the Microsoft Purview Compliance portal on February 2, 2024. You do not need to take any action towards the replication of these permissions.
Learn more about audit-related role groups here: Set up Audit (Standard) in Microsoft 365 | Microsoft Learn
Microsoft Purview Audit enables customers to centrally visualize cloud log data generated across their enterprise, thus helping them effectively respond to security events, forensic investigations, internal investigations and compliance obligations. Thousands of user and admin operations performed in dozens of Microsoft 365 services and solutions are captured, recorded and retained in customers unified Microsoft Purview Audit logs.
Learn more:
Previous Microsoft 365 suite Changelog Messages
Whether it’s Security or Cloud Computing, we have the know-how for you. Sign up for our newsletters here.