From the course: Microsoft 365: Manage Governance and Compliance

Monitoring the unified audit logs

- [Instructor] Monitoring the unified audit log. There are three approaches to monitoring the audit log. First is manual, which requires someone to access the audit log search and perform searches. The second is to utilize audit log search alerts to be notified when an event match is found. Lastly, feeding the audit log into a SIEM-compliant platform, either within Azure or a third party or on-premises, can help in monitoring the audit log. So what are the common audit log activities, and the scenarios that we're trying to cater for? Well, it could be find the IP address of a computer that was used to access a compromised account. It could be determining who set up email forwarding for a mailbox, determine if a user deleted email items or created an inbox rule, investigate why there was a successful login by a user outside the organization, or just identify resources that have been shared with external users. So how do we identify…
