Chat now with support
Chat with Support

Change Auditor 7.2 - Office 365 and Azure Active Directory User Guide

Office 365 and Azure Active Directory Auditing Overview



Change Auditor provides extensive, customizable auditing of critical activities and detailed alerts about vital changes taking place in Microsoft Office 365 Exchange Online, SharePoint Online, OneDrive for Business, and Azure Active Directory. Continually being in-the-know helps you to prove compliance, drive security, and improve uptime while proactively auditing changes to configurations and permissions.

You can generate intelligent, in-depth reports, protecting you against policy violations and avoiding the risks and errors associated with day-to-day modifications. By correlating accounts across the on-premises and cloud environment, you can easily search all events regardless of where they occurred.

Change Auditor’s consolidated audit platform, which is not available with system provided tools, enhances your ability to secure your directory and resources. Specifically, Change Auditor provides:

System overview

To audit Office 365 and Azure Active Directory, Change Auditor agents require access to the tenant. A web application, which is an Azure Active Directory object, is used to grant this access to external programs, such as Change Auditor.

In addition, to configure and maintain Exchange Online mailbox auditing, Change Auditor agents must be granted access to the Exchange Online organization.

The following describes the integration points and process required for auditing:


Client components and features

The following table lists the client components and features that require a valid Change Auditor for Exchange, Change Auditor for Active Directory, Change Auditor for SharePoint, and Change Auditor for Logon Activity license. You are not be prevented from using these features; however, associated events are not captured or enforced unless the proper license is applied.

NOTE: To hide unlicensed Change Auditor features from the Administration Tasks tab (including unavailable audit events throughout the client), select Action | Hide Unlicensed Components. This command is only available when the Administration Tasks tab is the active page.


Administration Tasks Tab

Audit Task List:

Event Details Pane

What Details:



Search Properties

What Tab:

Searches Page

Built-in Reports:

Alert Custom Email Dialog

Exchange Online only.

Add Owner(s) of Non-Owner Events option — to send an alert to the Exchange Mailbox owner when another user accesses their mailbox.

Self Service Tools
Knowledge Base
Notifications & Alerts
Product Support
Software Downloads
Technical Documentation
User Forums
Video Tutorials
RSS Feed
Contact Us
Licensing Assistance
Technical Support
View All
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating