Understanding Office 365 Unified Audit Logging

Watch the On-Demand Webinar

Office 365 provides a centralized audit logging facility that allows you to track what’s happening in Azure Active Directory, Exchange Online, SharePoint Online, and OneDrive for Business. This new auditing feature is different than auditing logging within on-premise versions of SharePoint and Exchange.

In this on-demand webcast, Randy Franklin Smith, Ultimate Windows Security subject matter expert, and Bruce Deakyne, LogRhythm technical product manager, introduce you to Office 365 Unified Audit Logging.

You’ll learn:

  • What administrative actions you can audit
  • What user level actions you can audit
  • What other events are captured (such as suspicious logons)
  • How to enable auditing
  • How to access the audit logs

Office 365 offers a limited web portal where you can search and access audit events online. The duo briefly demonstrate how LogRhythm interfaces with the API to get Office 365 events where they belong—in your SIEM. You’ll also see how LogRhythm’s Security Intelligence and Analytics Platform helps you correlate events across your IT environment and produce actionable insights.