Investigate an activity in Advanced Security Management

After you enable Advanced Security Management and set up alerts in Office 365, learn what's happening in your Office 365 environment by looking over and investigating activities and accounts in the Activity log.

Activity log

Reviewing the information in your organization while keeping the following questions in mind can help you decide if you can take any additional steps to help protect your organization from risk. You'll review this information in Advanced Security Management in the Security & Compliance Center.

In the Security and Compliance Center, chooseAlerts > Manage advanced alerts. Click Activity log and review activities for the following information.

  • Who is accessing your Office 365 environment?

  • What are the IP ranges from which people are accessing your environment?

  • What is the admin activity?

  • From what locations are admins connecting?

  • Are failed logins coming from expected IP addresses?

See Also

Opt-in steps for Advanced Security Management

Create activity policies and alerts in Advanced Security Management

Create anomaly detection policies in Advanced Security Management

Was this information helpful?

Great! Any other feedback?

How can we improve it?

Thank you for your feedback!