Chat now with support
Chat with Support

Change Auditor 7.0.3 - Office 365 and Azure Active Directory User Guide

Additional Office 365 and Azure Active Directory event details

The event details pane contains the following additional information to help gain a better understanding of the activities taking place in Microsoft Office 365 Exchange Online, SharePoint Online, OneDrive for Business, and Azure Active Directory.

Table 10. Event details


Displays a high-level view of the activity that is generated for each event.

You can quickly see when the event occurred, who made the change, what changed, where the change originated, the activity, the target type, synchronization type, subject type, subject synchronization type, activity type, category, and action,

Additional information for sign-in events include the reason for a sign-in failure and the sign-in location.

Additional information for sign-in risk events include the type of risk activity, risk status, risk level, and origin (IP address).

Target (Azure Active Directory events only)

Displays details on the property updates with the old and new value when available. It also displays information about multiple targets affected by a single event. For example, when a user added to a group, you can see both the user and the group as affected targets. When there are multiple targets, the target that best matches the activity type is displayed as the primary target in the Overview tab.


Displays all available properties for a deeper analysis of the activity. It contains raw data from the Azure Active Directory Reporting API. For
sign-in risk events, it contains raw data from the Azure Active Directory Identity Protection API.

Parameters (Exchange Online Administration events only)

Displays the parameters used to run the Office 365 Administrative command.





Related Documents