Fortinet black logo

Online Help

Activate Office 365 Account Audit Log

Copy Link
Copy Doc ID 6214e17c-9e13-11eb-b70b-00505692583a:32596

Activate Office 365 Account Audit Log

Office 365 audit log needs to be activated to record user and admin activities, this allows FortiCASB to monitor activities of the Office 365 account. It may take several hours after you turn on audit log before FortiCASB receives the audit logs from your Office 365 account.

To enable this feature, follow the steps below:

  1. Log into Office 365 account as the admin user: https://www.office.com/.
  2. Click on Office 365 menu option and select Admin portal to be re-directed to Microsoft 365 admin center.
  3. Use the top search bar to search and click on Security, you will be re-directed to Office 365 Security & Compliance page.
  4. Scroll down and click on Search > Audit log search from the left navigation menu.
  5. Click Turn on auditing.
    1. If you do not see this option, that means the organization has already enabled this option.
    2. If you are a new tenant, this option can only appear 24 hours after the tenant creation.
  6. After turning on auditing, please allow 24 hours for the auditing to become available.

Now you may activate site collection by adding the Office 365 account to FortiCASB.

When you see an error on adding Office 365 to FortiCASB you might need to wait before auditing is enabled on Office 365 portal.

Activate Office 365 Account Audit Log

Office 365 audit log needs to be activated to record user and admin activities, this allows FortiCASB to monitor activities of the Office 365 account. It may take several hours after you turn on audit log before FortiCASB receives the audit logs from your Office 365 account.

To enable this feature, follow the steps below:

  1. Log into Office 365 account as the admin user: https://www.office.com/.
  2. Click on Office 365 menu option and select Admin portal to be re-directed to Microsoft 365 admin center.
  3. Use the top search bar to search and click on Security, you will be re-directed to Office 365 Security & Compliance page.
  4. Scroll down and click on Search > Audit log search from the left navigation menu.
  5. Click Turn on auditing.
    1. If you do not see this option, that means the organization has already enabled this option.
    2. If you are a new tenant, this option can only appear 24 hours after the tenant creation.
  6. After turning on auditing, please allow 24 hours for the auditing to become available.

Now you may activate site collection by adding the Office 365 account to FortiCASB.

When you see an error on adding Office 365 to FortiCASB you might need to wait before auditing is enabled on Office 365 portal.