Audited Activities
Last updated
Last updated
Microsoft 365 audit logs capture a broad range of activities across various services to provide detailed insights into user and admin actions.
Key categories include:
User and Admin Actions: Logging of activities like user logins, admin operations, and policy changes.
Collaboration Activities: Actions performed in Microsoft Teams, such as adding bots, creating channels, and managing meetings.
SharePoint and OneDrive Operations: File access, sharing activities, and permission changes.
Exchange Online: Email-related events, including mailbox access and message forwarding activities.
Microsoft Stream and Project for the Web: Video-related events and task/project management activities.
Governance and Compliance: Activities involving sensitivity labels, data classifications, and policy updates in Microsoft Purview.
These audit records not only provide a history of events but also track key operations such as enabling/disabling compliance settings, search queries, and data exports. The logs can be accessed through the Microsoft Purview portal or PowerShell tools for advanced filtering and exporting purposes. A full list is provided in the link below.