Auditing and Protection reports

Your browser does not support video. Install Microsoft Silverlight, Adobe Flash Player, or Internet Explorer 9.

Develop your talent with more than 10,000 online courses from LinkedIn Learning

All right, so far in this section, we've talked about a lot of the service reports, usage reports, and I want to start out this lesson by going up and taking a look at some of our 346 exam objectives. So, I have gotten open a tab of the browser, so this is Microsoft Edge, and I'm at the Exam 70-346 page, and we're looking at some of the test objectives here. And under analyze reports, in our domain of monitoring and troubleshooting Office 365 availability and usage, you see this is really what we've been doing so far.

And then you have this section here that talks about mail protection reports, audit log reports, and portal email hygiene reports. And that can be a little bit confusing. I'm going to go ahead and close this tab and go back to the home of the admin center. The reason why that can be confusing is because, if you click on reports and then look at the usage reports, and you're starting to look for one of those reports, you really can't find those mail protection reports or the hygiene reports.

What are they talking about here? Well, those are found here under security and compliance. And one of the reasons why the terminology is a little bit weird is because I don't think that Microsoft, at least as I author this course today, they haven't really updated the objectives to reflect the update to the admin center, which have been recently pushed out. I think they're scripting those objective domains or the topics to the old admin center. In any event, if you click on security and compliance, these are the things that Microsoft is referring to and with which you need to be familiar with.

So, if you click here, you see the auditing reports and the protection reports, and these are very straightforward, and in a pilot environment, there probably isn't going to be much for you to view in a lot of these reports. So, for example, a mailbox litigation hold. What is that all about? Well, if you give it a click, one nice thing about these is that you can find out more information. So, for example, I don't have any mailboxes that are undergoing a litigation hold right now.

And if you want to find out more about what exactly a litigation hold is, you can click on that learn more link and in each of these reports, it should take you out to a TechNet article, where you can find out more information. So, learn more about running a per-mailbox litigation hold report. So, if your organization is involved in a legal action, you may have to take steps to preserve relevant data, such as email messages that may be used as evidence. So, if you're served with a subpoena or something while you are running your pilot environment, you'll need to possibly run a per-mailbox litigation hold report.

If that's not the case, and I'm assuming that won't be the case, then you won't need to do that, but you do need to be familiar a little bit with the procedure of running this report and other reports. Again, it's very straightforward. You just click on a hyperlink, it brings you to the report page. For the most part, with all of these reports, it's just a matter of setting a start date and end date, and then investigating the details. It'll give you the search results here. So, I'm going to close out of this one, and again, under your auditing reports, there probably won't be much to look at in a pilot environment.

Mailbox access by non-owners, for example, probably won't come up in a pilot environment, and is likely not to come up in many production environments. So, we've taken a quick look at the auditing reports. Now let's take a look at the mail protection reports and the hygiene reports that were referred to in the 70-346 objectives. Any of these reports can be run by simply clicking on the hyperlink here. So, spoof mail, malware detections.

In my pilot environment probably won't have much malware that's been detected. But if I give that a click, the report is run and again, as I suspected, there's been no malware that someone has tried to send through email to my pilot environment. You can click on custom and do a custom date range here. Again, it's all pretty straightforward stuff. If I click on top senders and recipients, that is something I should see at least some data generated for, and that is, I can see my top mail sender in my enterprise because I'm only using one account to send and receive email.

Don't need to really send a lot of email in this pilot environment, but that's it in the last seven days, David.Atchison@beanlakellc on Microsoft.com has sent one email, and then, again, of course, I can change my date selection here. So, top mail senders here, in terms of the data, top mail recipients here, and there are a couple different accounts that have been mail recipients. So, this is just a quick and easy way to get information about the email activity in your environment.

The mail protection and hygiene reports in terms of spam detection, malware for mail, sent and received mail, all those things could be generated with a single click from the security and compliance tab under the reports note of the admin center.

LinkedIn Learning

LinkedIn Learning is an online learning platform that combines industry-leading content from Lynda.com with LinkedIn’s professional network of more than 500 million member profiles to provide highly personalized course recommendations and a more intuitive learning experience. Learn more.

Benefits

  • Learn from recognized industry experts, and get the business, tech, and creative skills that are most in demand.

  • Receive personal recommendations based on your LinkedIn profile.

  • Stream courses from your computer or mobile device.

  • Take courses for every level – beginner to advanced.

  • Practice while you learn with quizzes, exercise files, and coding windows.

  • Provide learning for your team or entire organization, with an easy to use experience for managing users, curating content and measuring engagement


For businesses with 50+ licenses Request Office 365 onboarding assistance from FastTrack

You can request remote and personalized assistance with onboarding. Our FastTrack engineers will help you plan your Office 365 project, assess your technical environment, provide remediation guidance, migrate data to Office 365, and provide user adoption assistance.

See the FastTrack Center Video: http://aka.ms/meetfasttrack

Get started today: http://fasttrack.microsoft.com

If you're preparing for exam 70-346, Managing Office 365 Identities and Requirements, or you just want to improve your Office 365 administration skills, then this course is for you. Instructor Brian Culp looks at three objectives in the Monitor and Troubleshoot Office 365 Availability and Usage section of the exam—analyzing reports, monitoring service health, and isolating service interruptions. By the end of this course, you'll be better prepared to tackle this section of the exam, and will have a better understanding of the troubleshooting and reporting tools available to Office 365 admins.

Topics include:

  • Navigating the Office 365 reports dashboard

  • Generating and interpreting usage, email, and auditing reports

  • Generating and interpreting mail protection and mail hygiene reports

  • Showing and hiding user-level detail information in reports

  • Understanding the service health dashboard

  • Monitoring Office 365 Health

  • Retrieving data with the Management Pack

  • Using PowerShell for Office 365

  • Creating a service request

  • Using the Remote Connectivity Analyzer, the Connectivity Analyzer tool, and the free/busy troubleshooter

Expand your skills
Explore training
Get new features first
Join Office Insiders

Was this information helpful?

Thank you for your feedback!

Thank you for your feedback! It sounds like it might be helpful to connect you to one of our Office support agents.

×