On Demand Audit Current - User Guide

Supported regions

A Microsoft Azure region is a set of datacenters deployed within a geographic area. Selecting the correct region for your On Demand organization enables you to achieve higher performance and supports your requirements and preferences regarding data location. Specifying the region for your organization determines the geographical region where your data is stored.

During sign up, you can choose the region where your On Demand data will be hosted. The following regions are currently supported for On Demand Audit:

• Australia
• Canada
• Europe
• UK
• United States

Configuring On Demand Audit

• Working with tenants
• Granting required consent
• Configuring tenant auditing
• Historical event collection
• Adding a user to an organization
• On Demand Audit Access Control roles
• Change Auditor Integration

Working with tenants

You must have a tenant in the organization to audit the Office 365 and Azure Active Directory activity.

To add a tenant:

1. Log in to On Demand.
2. From My Dashboard, click Add tenant.
3. Sign in as a Global administrator account for the tenant on the Azure sign in page.
4. Read through the required permissions and select Accept.
5. To add another tenant, navigate to the Auditing module. From the Configuration tab, click Add tenant. Repeat steps 3 and 4.

Granting required consent

Before you can audit Office 365 and Azure Active Directory activity and generate searches, On Demand must be granted consent to audit the Office 365 organization and its tenants.

To grant the required consent:

1. Log in to On Demand, and select Auditing.
2. Click Go on the Audit module.
3. Click the Need to grant admin consent link. The Azure sign in page opens. If you are signed in as the Global administrator for the tenant, you can grant consent to the On Demand Audit application.
4. Read through the required permissions and select Accept. Once this is complete, you are redirected to On Demand Audit page.