audit log

Understanding External Access to Documents in an Office 365 Tenant (Part 3)

The Office 365 Audit Log holds lots of interesting information about how people share information. In this article, we explore how to use the audit log records to discover the document sharing habits of users, including the documents shared with guest users and people outside the tenant.

LATEST

The Big Flaw in Exchange Online Auditing

You can capture Exchange mailbox events in the Office 365 audit log, but only if you remember to enable auditing for target mailboxes. Exchange Online doesn’t enable new mailboxes for auditing by default, so administrators must remember to enable the mailboxes manually – and check for new mailboxes periodically. If you don’t, nothing is recorded and your audit log will be empty.

View Article

Office 365 Audit Logging Generates Lots of Data – and Some Odd Entries

Office 365 audit logging generates a lot of data – sometimes too much. The trick is to know what events are recorded and what applications capture. Some pretty strange audit events turn up in the log, but everyone should relax because they are just traces of the system doing its own thing.

View Article

Office 365 Alert Policies Automate Audit Monitoring

No one likes looking at a stream of audit events flowing by, especially when an Office 365 tenant generates so many events. Alert policies allow tenants to define patterns of activity that indicate suspicious or harmful behavior. There’s goodness here, as long as you have Office 365 E5 subscriptions.

View Article

How Background Office 365 Processes Cause Confusion

Background processing usually remains hidden from end users. No need exists for a user to understand what maintenance goes on under the covers of the service. Office 365 delivers service with no fuss to its users, but recently I have noticed some instances when background processes have made themselves felt. Although these are not serious issues, they are a worrying sign of a lack of attention to detail.

View Article