Any activity prior to enabling the log will not be available. Now that you have enabled the audit log, you can use the next set of steps to review an account and identify IP addresses used to recently login. Using the Office 365 Audit Log to Verify Account Security
Access the Security & Compliance Center from your Office 365 Admin portal.
Enabling the Office 365 Audit Logįirst, you will need to make sure you have the Audit log enabled: How can they be certain the account is secure? One method is to use the Office 365 audit log. No harm done right? If the claim is true, then yes, the user’s account should not be compromised, but this still leaves the ever-cautious Administrator uneasy. Luckily, the end user claims they either did not access the link within the malicious message, or they did but did not proceed to input their credentials. They found the link to be a spoof of the Office 365 login page, designed to provide any input credentials directly to an attacker. The Administrator does his due diligence and determines the message to be malicious in origin. The e-mail contains a link to a webpage that appears to be the Office 365 login page. Imagine this scenario that System Administrators are more commonly being faced with: An end user forwards along an e-mail inquiring about its legitimacy.
0 kommentar(er)
