There is a built in audit function which tracks any actions on the Portal that a Local Administrator or a User has performed. The audit report will tell you the time that the action was performed, who performed it, the target object (e.g. the name of the distribution list or user account), the target organisation, the object type and the action. You may need to use this feature for information governance purposes should you need to track an unexpected behaviour (e.g. user accounts being deleted unexpectedly).
2.Select the criteria from the different fields based on the type of audit report you want to produce
The information you enter in all the other fields depends on what type of audit you want to run.
For example, to run an audit based on a particular user or administrator, type their email address into the User Performing Action box, select a start and end time/date to see all activity for that period.
You can further refine the reports by choosing the action that was performed (Create, Update, Delete or Other) from Actions. Or selecting what the action was performed on (User Mailbox, Shared Mailbox, Distribution List, Contact or Organisation) from Object Types.
Leave the User Performing Action field blank to run an audit on all users. If you want to see what actions have been performed on a specific user account, type their email address in Target Object and then select the Actions or Object Types if required.
Note: the detailed message content is intended for a technical audience that can read log files
If you need to save the results of an audit report, you can export the results to a CSV file. You may want to do this if the audit report needs to be used for information governance purposes
To export an audit report:
|Last Reviewed Date||14/05/2021|