John Yassa's Blog

Home » Microsoft Azure » New activity logging and reporting capabilities for Office 365

New activity logging and reporting capabilities for Office 365

Microsoft is pleased to announce the roll out of new activity logging and reporting capabilities for Office 365, including the Office 365 activity report, comprehensive logging capability, PowerShell command or cmdlet and a preview of the Office 365 Management Activity API.

Office 365 activity report

The Office 365 activity report enables you to investigate a user’s activity by searching for a user, file or other resource across SharePoint Online, One Drive for Business, Exchange Online and Azure Active Directory, and then download the activities to a CSV (comma separate values) file. You can filter by date range, user, file/folder and activity type. This feature is especially useful for compliance reporting purposes for companies that are in highly regulated industries such as pharmaceuticals and financial institutions

You can use the Office 365 activity report in the Office 365 Compliance Center to view user and admin activity in your Office 365 organization. The report contains entries for the following types of events:

  • Admin activity (admin audit logging) in Exchange Online.
  • Access to mailboxes by someone other than the owner (mailbox audit logging) in Exchange Online.
  • User activity in SharePoint Online and OneDrive for Business.
  • Admin activity in SharePoint Online and OneDrive for Business.
  • Admin activity in Azure Active Directory (the directory service for Office 365).
  • User sign-in activity in Azure Active Directory.

Announcing-new-activity-logging-and-reporting-capabilities-for-Office-365-1-v2

Comprehensive logging capability

User and admin activity events are logged across SharePoint Online, One Drive for Business, Exchange Online and Azure Active Directory. This is useful for helping to see what types of files a user has been sharing with others in the organization.

Today, you can search on over 150 events (with more coming soon), including file views, mailbox owner activity, Azure Active Directory log ins and many more. In the future, we plan to expand these capabilities to include activities in other Office 365 services, such as Yammer and Skype for Business.

Search PowerShell cmdlet

Another new way to search activity logs is with PowerShell, using the Search-UnifiedAuditLog cmdlet, which enables you to run scoped queries against the audit storage log, such as by date, record type, operation and file extension. This cmdlet also lets you export those logs to a file. For example you could run the following cmdlet to search user activity logs for all events from May 1, 2015 to June 26, 2015:

Search-UnifiedAuditLog -StartDate May 1, 2015 -EndDate June 26, 2015

These capabilities started to roll out last month. 

 

Sources: Office Blogs


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: