Search and Investigation Part 2: Audit Log
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
Already have an account? Sign In »
6 hours 59 minutes
Welcome back to the M s 3. 65 Security Administration course.
I'm pumped to be your instructor, Jim Deng's.
We're on module five in this 3 65 compliance.
part two on along
in this lesson,
we're going to go over.
Permission is required to search around the old
permission is required to start around the analog. How to configure audit policies.
This is a part of my childhood,
right and stepping.
Fact I recently day or looking at doing a reboot of ren and Stimpy
kind of cool.
So if you watch your Innocenti, you know the long song logs. Or better than that,
you can search for these types of activities within in this for 65 through logs,
user activity and SharePoint on one drop
activity in exchange
even have exchange mailbox audit, logging,
admin activity in SharePoint and then activity and azure A d
at me and activity in exchange online user and admin activity and sway. If you use white,
he's an M and a activity in power bi I
user admin activity and teams user and am in activity in yammer.
And Microsoft is continuously adding more to the Auto log search
configuring audit policies.
Microsoft 3 65 Auditing policies enable organizations to log events
such as viewing, editing and deleting content like email messages. Documents. Task list
is useless. Discussion groups calendars
So all of these events
can be long.
So if you have someone who wants to know who do leader one document,
take it out along.
You have a policy when you think they can get in the work on it.
If there's a certain document SharePoint on, they want to know whenever is added it.
They can go in and set their own or user based alarms based on the analog.
Pretty cool stuff.
Once out of the is turned on
war compliance officer in search for hundreds of individual types of events from industry 65.
Some of the reasons you may want to search or to discover user and administrative activities or even find you discovery related activities.
You can filter search results
when you run auto long search, and when the results are displayed, just click full to result results so you have pretty filter opposed filter
exporting search results.
The results of an audit long starts can be exported into a CSTV foul
that's see SV Foul can be searched, sortie, filtered and have other advanced data features. Apply to it within Excel
advanced on it.
High value events power quicker investigations
process inside show contacts and key patterns.
Longer term attention
to meet investigation and compliance requirements near real time access to data to enable fast access to audit events.
e discovery actions. Such just searches and exports
are searchable in the office. 3 65 Audit logs True
The answer to that, of course, is true. Yeah,
I'm going to give you guys will be a time to read the parody comic
for Schoolhouse Rock.
To recap The short lesson in mystery 65. Auditing policies
enables organizations to log events such as viewing, editing and deleting content,
such as email messages, documents
library items, discussion groups, calendars.
Thank you for joining me on this lesson.
You see for the next one take care