Chat now with support
Chat with Support

On Demand Audit Current - User Guide

Introducing On Demand Audit Configuring On Demand Audit Change Auditor Integration Working with On Demand Audit Appendix A: Working with Filters Documentation Roadmap

Teams built in searches

On Demand Audit provides the following Teams searches:

  • Teams app events in the past 7 days

  • Teams bot events in the past 7 days

  • Teams channel events in the past 7 days

  • Teams client configuration changes in the past 30 days

  • Teams connector events in the past 7 days

  • Teams events in the past 7 days

  • Teams guest access configuration changes in the past 30 days

  • Teams guest members added in the past 7 days

  • Teams member role changes in the past 7 days

  • Teams member changes in the past 7 days

  • Teams notification and feeds policy changes in the past 30 days

  • Teams organization setting changes in the past 30 days

  • Teams tab events in the past 7 days

  • Teams targeting policy changes in the past 30 days

  • Teams team created events in the past 30 days

  • Teams team deleted events in the past 30 days

  • Teams team setting changes in the past 7 days

  • Teams user sign-in events in the past 7 days

On Demand Audit built in searches

On Demand Audit provides the following On Demand Audit built in search:

  • All On Demand Audit events in the past 30 days

Creating a custom search

Custom searches allow you to locate and report on the data that is of interest to you. The associated search preview updates as you construct a search to ensure you are getting the desired results. For options, see Customizing the columns displayed in a search.

NOTE:

  • Private search names must be unique among all categories for each user.

  • Shared search name must be unique among all shared searches in all categories in the organization

To create a search

  1. Under the Searches tab, click New Search.
  2. Enter a name for the search.
  3. Click Add to enter the required search criteria.
  4. Select as many filters as required. Search terms are highlighted in the preview (and search results and event details) to allows you to quickly scan for matches.
  5. Click Edit Columns to arrange, add, and remove the columns displayed in the search. See Customizing the columns displayed in a search.
  6. Click Save.By default, the new search will be created in the category you have selected when clicking New Search. If required select a different category.
  7. Select whether this is a private or shared search. Working with private and shared searches.
  8. Click Save.
  9. If required, click Alert, select the required alert plan (or create a new alert plan) to notify the required individuals , click Save. See Working with alerts and alert plans

Available filters

The available string operators include:

  • equals
  • does not equal
  • contains
  • does not contain
  • in
  • not in
  • starts with
  • does not start with
  • ends with
  • does not end

The available integer operators for sign-in events:

  • equals_number
  • does_not_equal_number
  • greater_than
  • greater_than_or_equals
  • less_than
  • less_than_or_equals
  • between_number

The available date and time operators include:

  • during last number of days or hours (By default, this is set to the last 7 days for all new searches.)
  • between
  • before
  • after

Copying an existing search

Copying an existing search allows you to take advantage of existing settings and modify as required.

  1. Under the Searches tab, select the search.
  2. Click the copy icon. The search is created with "Copy" appended to its name.
  3. Enter a new name and change the category, if required, by selecting a new category from the drop don list.
  4. Select whether this is a private or shared search. See Working with private and shared searches.
  5. Click Copy.

The new search is now available to edit as required.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating