立即与支持人员聊天
与支持团队交流

Change Auditor 7.4 - Office 365 and Azure Active Directory User Guide

Office 365 and Azure Active Directory Auditing Overview Configuring Office 365 and Azure Active Directory auditing Reports and Searches

Introduction to Office 365 and Azure Active Directory reporting

Change Auditor delivers both preconfigured and customizable reports displaying events in one centralized viewer. You can create custom search definitions to locate changes made in Office 365 and Azure Active Directory. Using the available search properties across the bottom of the Searches page, you can define the search criteria and include specific columns to access more tenant details.

When Change Auditor is deployed in a synchronized environment, you can add extra columns to display extra mapping information about synchronized Active Directory users and their cloud identities for Office 365 and Azure Active Directory events. For details, see Auditing in synchronized environments.

Office 365 built-in reports

Office 365 built-in reports

To see a complete list of built-in reports, see the Change Auditor Built-in Reports Reference Guide.

To view all Office 365 searches:
1
Start the client and open the Searches tab.
2
In the explorer view (left pane), expand the Shared | Built-in | Office 365 folder.
3
Locate and double-click the required search in the right pane.

Azure Active Directory built-in reports

Azure Active Directory built-in reports

To see all available built-in reports, see the Change Auditor Built-in Reports Reference Guide.

To view all Azure Active Directory searches:
1
Start the client and open the Searches tab.
2
In the explorer view (left pane), expand the Shared | Built-in | Azure Active Directory folder.
3
Locate and double-click the required search in the right pane.

Custom searches

You can create custom searches to meet your specific needs by using the following search properties tabs to define the criteria:
What - allows you to search for events generated in a specific subsystem
Who - allows you to search for events generated by a specific user
Where - allows you to search for events captured by a specific agent
When - allows you to search for events that occurred within a specific date and time range

 

* 
NOTE: Selecting the Private folder creates a search that only you can run and view, whereas selecting the Shared folder creates a search that all users can view and run.

The following examples show how to use searches to find the information you need.
Creating custom Exchange Online searches
Creating a custom SharePoint Online and OneDrive for Business search
Creating custom Azure Active Directory searches
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级