Investigate an activity in Advanced Security Management

After you enable Advanced Security Management and set up alerts in Office 365, learn what's happening in your Office 365 environment by looking over and investigating activities and accounts in the Activity log.

Activity log

Reviewing the information in your organization while keeping the following questions in mind can help you decide if you can take any additional steps to help protect your organization from risk. You'll review this information in Advanced Security Management in the Security & Compliance Center.

In the Security and Compliance Center, chooseAlerts > Manage advanced alerts. Click Activity log and review activities for the following information.

  • Who is accessing your Office 365 environment?

  • What are the IP ranges from which people are accessing your environment?

  • What is the admin activity?

  • From what locations are admins connecting?

  • Are failed logins coming from expected IP addresses?

Related topics

Advanced Security Management (help and how-to)
Opt-in steps for Advanced Security Management
Create activity policies and alerts in Advanced Security Management
Create anomaly detection policies in Advanced Security Management

Expand your skills
Explore training
Get new features first
Join Office Insiders

Was this information helpful?

Thank you for your feedback!

Thank you for your feedback! It sounds like it might be helpful to connect you to one of our Office support agents.

×