You can use the auditing functionality in the Office 365 Security & Compliance Center to track changes made to your Exchange Online configuration by Microsoft and by your organization’s administrators. Exchange Online also provides mailbox audit logging to let you track access to mailboxes by someone other than the mailbox owner. You have to enable mailbox audit logging for each mailbox that you want to track non-owner access.
The following table contains links to topics that will help you learn about and manage auditing in Exchange Online.
|
Topic |
Description |
|---|---|
|
Learn how to enable audit logging for user mailboxes. After auditing is enabled you can run a non-owner mailbox access report to determine if users other than the owner has accessed a mailbox. By default, mailbox audit logging in Microsoft 365 isn’t enabled, so you have to enable it to capture actions for reporting. |
|
|
Learn about mailbox and admin audit logging in Exchange Online. |
|
|
Learn how to export entries from mailbox audit logs about non-owner access to user mailboxes. |
|
|
Learn how to search mailbox audit logs for mailboxes that have been opened by someone other than the owner. This requires that mailbox audit logging is enabled for user mailboxes. |
|
|
Learn how to run the admin role group audit report to see which users where added or removed from role groups. This topic also describes how to export the admin audit log. |
|
|
Learn how to search the admin audit log to determine if a Litigation Hold was enabled or disabled for a user’s mailbox. |
|
|
Learn how to view entries from the admin audit log for Exchange Online configuration changes made by your organization’s administrators. |
|
|
Learn how to view entries from the admin audit log for configuration changes made to your Exchange Online organization by Microsoft or by a delegated admin. |
