

If you're not an E5 customer, use the 90-day Microsoft Purview solutions trial to explore how additional Purview capabilities can help your organization manage data security and compliance needs. Start now at the Microsoft Purview compliance portal trials hub. Learn details about signing up and trial terms.

Microsoft 365 services that support auditing

Why a unified audit log? Because you can search the audit log for activities performed in different Microsoft 365 services. The following table lists the Microsoft 365 services and features that are supported by the unified audit log.

Record types, by Microsoft 365 service or feature:

- AzureActiveDirectory, AzureActiveDirectoryAccountLogon, AzureActiveDirectoryStsLogon
- AipDiscover, AipSensitivityLabelAction, AipProtectionAction, AipFileDeleted, AipHeartBeat
- ComplianceDLPSharePoint, ComplianceDLPExchange, DLPEndpoint
- ExchangeAdmin, ExchangeItem, ExchangeItemAggregated
- AirInvestigation, AirManualInvestigation, AirAdminActionInvestigation, MS365DCustomDetection
- Microsoft Purview Information Protection (MIP) labels: MIPLabel, MipAutoLabelExchangeItem, MipAutoLabelSharePointItem, MipAutoLabelSharePointPolicyLocation
- MIPLabel, SensitivityLabelAction, SensitivityLabeledFileAction, SensitivityLabelPolicyMatch
- SharePoint, SharePointFileOperation, SharePointSharingOperation, SharePointListOperation, SharePointCommentOperation
- ThreatIntelligence, ThreatIntelligenceUrl, ThreatFinder, ThreatIntelligenceAtpContent
- DataShareCreated, DataShareDeleted, GenerateCopyOfLakeData, DownloadCopyOfLakeData

For more information about the operations that are audited in each of the services listed in the previous table, see the Audit log activities article.

The previous table also identifies the record type value to use to search the audit log for activities in the corresponding service using the Search-UnifiedAuditLog cmdlet in Exchange Online PowerShell or by using a PowerShell script. Some services have multiple record types for different types of activities within the same service.
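
Because a service can have several record types, a search that should cover the whole service has to query each record type in turn. The following is an added example, not part of the original article: it assumes an Exchange Online PowerShell session is already connected with permission to search the audit log, uses the SharePoint record types listed on this page, and uses a constructed 7-day window.

```powershell
# Added example. Assumes Connect-ExchangeOnline has already been run by an
# account that is allowed to search the unified audit log.

# Record types for one service, taken from the list on this page (SharePoint).
$recordTypes = 'SharePoint', 'SharePointFileOperation', 'SharePointSharingOperation',
               'SharePointListOperation', 'SharePointCommentOperation'

$end   = (Get-Date).ToUniversalTime()
$start = $end.AddDays(-7)            # constructed 7-day search window

$events = foreach ($type in $recordTypes) {
    # -RecordType takes a single value, so each record type is queried separately.
    # A fresh SessionId per type lets ReturnLargeSet page through that result set.
    $sessionId = "audit-$type-$([guid]::NewGuid())"
    do {
        $page = @(Search-UnifiedAuditLog -StartDate $start -EndDate $end `
                    -RecordType $type -SessionId $sessionId `
                    -SessionCommand ReturnLargeSet -ResultSize 5000)

        foreach ($record in $page) {
            # AuditData is a JSON string that holds the service-specific detail.
            $detail = $record.AuditData | ConvertFrom-Json
            [pscustomobject]@{
                CreationDate = $record.CreationDate
                RecordType   = $record.RecordType
                Operation    = $record.Operations
                UserId       = $record.UserIds
                Workload     = $detail.Workload
                ObjectId     = $detail.ObjectId
                ClientIP     = $detail.ClientIP
            }
        }
    } while ($page.Count -gt 0)      # an empty page means the session is exhausted
}

# Summarize which record type / operation pairs occurred, most frequent first.
$events |
    Group-Object RecordType, Operation |
    Sort-Object Count -Descending |
    Select-Object Count, Name
```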
