After creating Office 365 Exchange Online or Azure AD template using existing web application, no events are received and the following error can be found in the agent log:
"AzureAD Auditor Event collector failed while getting AuditEvent report, will try again after 30 seconds error: The remote server returned an error: (403) Forbidden."
Azure application was created and assigned required permissions using the new Azure AD portal (https://portal.azure.com).
This is an issue on MS side where permissions are not set via the new Portal.
Go to the classic Azure AD Portal (https://manage.windowsazure.com/) and save the application (a change will be required in order for the Save option to appear).
This will force the application to gain the proper permissions and will allow CA to work.