Chat now with support

Live-Hilfe anfordern
Registrierung abschließen

Anmelden

Preisinformationen anfragen

Vertrieb kontaktieren

Change Auditor 7.1.1 - Whats New

Inhaltsnavigation

What's New in Change Auditor 7.1.1

Additional Office 365 Exchange Online mailbox events Enhanced security auditing Search enhancements SIEM tool integration improvements Ability to audit and protect the Active Directory Database Ability to audit Active Directory Federation Services Foreign forest support Authentication enhancements Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.1

Azure Active Directory and Office 365 updates Active Directory updates Foreign forest support On Demand Audit integration updates Authentication and Logon activity updates Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.0.4

Foreign forest support Additional internal events Azure Active Directory and Office 365 updates Threat Detection enhancements SIEM subscription updates and enhancements Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.0.3

Change Auditor and On Demand Audit integration Azure Active Directory and Office 365 enhancements Threat Detection enhancements Additional internal events Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.0.2

Threat Detection updates and enhancements SIEM subscription updates and enhancements Additional PowerShell commands Ability to search based on authentication type and port Enhanced security between Change Auditor components (FIPS compliance) Azure Active Directory and Office 365 enhancements Additional platform support Miscellaneous features and enhancements

What's New in Change Auditor 7.0.1

GDPR built-in reports SIEM tool integration improvements Azure Active Directory auditing improvements Active Directory auditing improvements Improved tracking of changes to searches Additional platform support Email alert improvements Office 365 Exchange Online search improvements Miscellaneous enhancements and updates

What's New in Change Auditor 7.0

Updated license format Ability to forward event to third party tools Enhanced data security between the SQL Server and the coordinator Ability to manage Active Directory protection with PowerShell commands Ability to identify Read-Only Domain Controllers Search enhancements New built-in searches Additional platform support Miscellaneous enhancements and updates

What's New in Change Auditor 6.9.5

Additional platform support Ability to configure agents to function with proxy servers Enhanced ability to share and save search results Additional coordinator status information

What's New in Change Auditor 6.9.4

Additional platform support New Azure Active Directory events New built-in searches

What's New in Change Auditor 6.9.3

Additional platform support Generic Office 365 and Azure Active Directory events Azure Active Directory Auditing Wizard New Azure Active Directory events Additional Office 365 and Azure Active Directory event details Search improvements

What's New in Change Auditor 6.9.2

Additional platform support Office 365 auditing configuration and subsystem updates Office 365 SharePoint Online events Office 365 OneDrive for Business Additional internal events and built-in reports Updated Office 365 PowerShell commands New Azure Active Directory events New Office 365 and Azure Active Directory auditing guides

What's New in Change Auditor 6.9.1

Additional platform support Ability to search on selected mailboxes when creating and editing an Office 365 Exchange Online template Additional Office 365 Exchange Online internal events and built-in reports Additional Azure Active Directory events Additional Active Directory custom user monitoring events Azure Active Directory and Office 365 Exchange Online historical event collection Ability to detect Skype for Business agent status and configuration

What's New in Change Auditor 6.9

Additional platform support Office 365 Exchange Online auditing Azure Active Directory auditing Skype for Business auditing New PowerShell capabilities IT Security Search System requirement changes in Change Auditor 6.9 Miscellaneous

Additional internal events and built-in reports

The following internal events have been added to help you detect auditing issues and to identify changes made to your templates:

Table 10. New events
Event	This event is triggered when....
Office 365 auditing template added	Created when an Office 365 auditing template is added to Change Auditor.
Office 365 auditing template agent changed	Created when the agent for an existing Office 365 auditing template is changed. The event details include the old and new agent FQDN.
Office 365 auditing template disabled	Created when an Office 365 auditing template is disabled.
Office 365 auditing template enabled	Created when an Office 365 auditing template is enabled.
Office 365 auditing template removed	Created when an Office 365 auditing template is removed from Change Auditor.
Office 365 auditing web application changed	Created when the web application is changed for an existing Office 365 template. The event details display the old and new web application ID GUID. NOTE: An Office 365 auditing web application key change event is also generated since the key is a property of the web application.
Office 365 auditing web application key changed	Created when the web application key is changed for an existing Office 365 template.
Office 365 OneDrive for Business auditing disabled	Created when OneDrive for Business is disabled in an Office 365 auditing template.
Office 365 OneDrive for Business auditing enabled	Created when OneDrive for Business is enabled in an Office 365 auditing template.
Office 365 SharePoint Online auditing disabled	Created when SharePoint Online is disabled in an Office 365 auditing template.
Office 365 SharePoint Online auditing enabled	Created when SharePoint Online is enabled in an Office 365 auditing template.

The following built-in reports have been added to help you quickly get a sense of the Office 365 activity within your organization and sites:


	NOTE: Office 365 — Operation and Office 365 Site URL columns are now available to include as layout options to help you access information quickly.

•

All Office 365 events in the past 7 days

•

All Office 365 Exchange Online events in the past 7 days

•

All Office 365 OneDrive for Business events in the past 7 days

•

All Office 365 OneDrive for Business events in the past 7 days grouped by operation

•

Office 365 OneDrive for Business file activity events in the past 7 days

•

Office 365 OneDrive for Business folder activity events in the past 7 days

•

All Office 365 SharePoint Online events in the past 7 days

•

All Office 365 SharePoint Online events in the past 7 days grouped by operation

•

Office 365 SharePoint Online file activity events in the past 7 days

•

Office 365 SharePoint Online folder activity events in the past 7 days

Updated Office 365 PowerShell commands

Updated Office 365 PowerShell commands

The PowerShell commands have been updated to allow you to manage auditing of the supported Office 365 services.

•

New-CAO365Template

Use this command to create a template for auditing Office 365 Exchange Online, SharePoint Online, and OneDrive for Business.

•

Set-CAO365Template

Use this command to edit the account used to access Office 365 Exchange Online, the type of service and events to audit, and select a new agent.

•

Get-CAO365Templates

Use this command to see all the Office 365 templates available within your installation.

New Azure Active Directory events

The following events have been added.

Table 11. Azure Active Directory User events
Event	This event is triggered when....
User AccountEnabled property changed	Created when a user’s sign-in status is changed. (Administrators can set the status to allowed and blocked.)
User AssignedPlan property changed	Created when a user’s service plan and application are changed as a result of a license change.
User AssignedLicense property changed	Created when a user’s product licenses has been edited. (Administrators can assign, reassign, or remove licenses as required.)
User license changed	Created when the license assigned to a user in the directory is changed.
User Mobile property changed	Created when a user’s mobile phone number is changed.
User OtherMail property changed	Created when a user's alternate email address is changed.
User OtherMobile property changed	Created when a user's alternate mobile phone number is changed.
User TelephoneNumber property changed	Created when a user's telephone number is changed.
User StrongAuthenticationMethod property changed	Created when the multi-factor authentication for verification method has been changed for a user. Available methods include call to phone, text message to phone, notification through mobile application, and verification code from mobile application.
User StrongAuthenticationUserDetail property changed	Created when a user’s phone number, alternative phone number, or email address used for multi-factor authentication and password reset verification have been changed.
User StrongAuthenticationRequirement property changed	Created when multi-factor authentication is enforced, enabled, or disabled for a user. Turning on multi-factor authentication changes the state to enabled. The state changes to enforced when the user signs in and authenticates.

Table 12. Azure Active Group events

This event is triggered when....

Group Description property changed

Created when the group description is changed.

Group DisplayName property changed

Created when the group display name (friendly name) is changed.

Group GroupType property changed

Created when the group type (Office 365, Distribution List, or Security) and the group membership type (assigned or dynamic) is changed.

NOTE:

•

Office 365 groups have a group type property of 'Unified' and security groups and distribution lists display an empty group type.

•

If the Group Membership assignment is dynamic, the group type property displays DynamicMembership'. If the Group Membership is assigned, the group type property is empty.

Group IsPublic property changed

Created when the group privacy setting (public or private) is changed.

Group MailNickName property changed

Created when the nickname is changed for an address book object.

Group MembershipRule property changed

Created when the criteria that determines which members should belong to a dynamic group is changed.

NOTE: This option is only available with an Azure Active Directory premium license and is set through configuring a group’s dynamic membership settings.

Group MembershipRuleProcessingState property changed

Membership Rule Processing state is an enumeration which is set to be either on or paused. If dynamic membership has been enabled for a group, the membership rule processing state determines whether the membership rule is applied.

Created when the status of membership processing state is changed for a group.

NOTE: This value can only be changed through PowerShell.

New Office 365 and Azure Active Directory auditing guides

Office 365 and Azure Active Directory auditing and event information consolidated into dedicated guides.

•

All information about the additional Office 365 (and Azure Active Directory) auditing features that are available when a valid Change Auditor for Exchange, Change Auditor for SharePoint, or Change Auditor for Active Directory license has been applied are available within the Office 365 and Azure Active Directory Auditing User Guide.

•

A description of all Office 365 (and Azure Active Directory) events that can be captured when you have licensed Change Auditor for Active Directory, Change Auditor for Exchange, and Change Auditor for SharePoint are found in the Office 365 and Azure Active Directory Auditing Event Reference Guide.

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen

© ALL RIGHTS RESERVED. Feedback Nutzungsbedingungen Datenschutz Cookie Preference Center