Change Auditor 7.0.2 - Office 365 and Azure Active Directory User Guide

Office 365 and Azure Active Directory Auditing Overview

 

Introduction

Change Auditor provides extensive, customizable auditing of critical activities and detailed alerts about vital changes taking place in Microsoft Office 365 Exchange Online, SharePoint Online, OneDrive for Business, and Azure Active Directory. Continually being in-the-know helps you to prove compliance, drive security, and improve uptime while proactively auditing changes to configurations and permissions.

You can generate intelligent, in-depth reports, protecting you against policy violations and avoiding the risks and errors associated with day-to-day modifications. By correlating accounts across the on-premises and cloud environment, you can easily search all events regardless of where they occurred.

Change Auditor’s consolidated audit platform, which is not available with native tools, enhances your ability to secure your directory and resources. Specifically, Change Auditor provides:

System overview

To audit Office 365 and Azure Active Directory, Change Auditor agents require access to the tenant. A web application, which is an Azure Active Directory object, is used to grant this access to external programs, such as Change Auditor.

In addition, to configure and maintain Exchange Online mailbox auditing, Change Auditor agents must be granted access to the Exchange Online organization.

The following describes the integration points and process required for auditing:

 

Client components and features

The following table lists the client components and features that require a valid Change Auditor for Exchange, Change Auditor for Active Directory, Change Auditor for SharePoint, and Change Auditor for Logon Activity license. You are not be prevented from using these features; however, associated events are not captured or enforced unless the proper license is applied.

NOTE: To hide unlicensed Change Auditor features from the Administration Tasks tab (including unavailable audit events throughout the client), select Action | Hide Unlicensed Components. This command is only available when the Administration Tasks tab is the active page.

 

Administration Tasks Tab

Audit Task List:

Event Details Pane

What Details:

Events

Facilities:

Search Properties

What Tab:

Searches Page

Built-in Reports:

Alert Custom Email Dialog

Exchange Online only.

Add Owner(s) of Non-Owner Events option — to send an alert to the Exchange Mailbox owner when another user accesses their mailbox.

自助服务工具
知识库
通知和警报
产品支持
下载软件
技术说明文件
用户论坛
视频教程
联系我们
获得许可 帮助
技术支持
查看全部
相关文档