Audited Activities

Overview

Microsoft 365 audit logs capture a broad range of activities across various services to provide detailed insights into user and admin actions.

Key categories include:

  1. User and Admin Actions: Logging of activities like user logins, admin operations, and policy changes.

  2. Collaboration Activities: Actions performed in Microsoft Teams, such as adding bots, creating channels, and managing meetings.

  3. SharePoint and OneDrive Operations: File access, sharing activities, and permission changes.

  4. Exchange Online: Email-related events, including mailbox access and message forwarding activities.

  5. Microsoft Stream and Project for the Web: Video-related events and task/project management activities.

  6. Governance and Compliance: Activities involving sensitivity labels, data classifications, and policy updates in Microsoft Purview.

These audit records not only provide a history of events but also track key operations such as enabling/disabling compliance settings, search queries, and data exports. The logs can be accessed through the Microsoft Purview portal or PowerShell tools for advanced filtering and exporting purposes. A full list is provided in the link below.

LogoAudit log activitiesMicrosoftLearn
PreviousEnable UALNextSupported Services

Last updated