{"id":3585,"date":"2024-04-23T13:21:13","date_gmt":"2024-04-23T13:21:13","guid":{"rendered":"https:\/\/poiseddevelopers.com\/reality-tech\/?p=3585"},"modified":"2024-05-10T13:35:42","modified_gmt":"2024-05-10T13:35:42","slug":"unveiling-auditing-excellence-microsoft-purviews-advanced-features","status":"publish","type":"post","link":"https:\/\/poiseddevelopers.com\/reality-tech\/unveiling-auditing-excellence-microsoft-purviews-advanced-features\/","title":{"rendered":"Unveiling Auditing Excellence: Microsoft Purview\u2019s Advanced Features"},"content":{"rendered":"<p><span data-contrast=\"auto\">Auditing is the process of investigating security events, conducting forensic investigations, complying with internal regulations, and meeting external compliance obligations. It involves capturing, recording, and retaining a unified audit log.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">In other words, it means keeping a close eye on what happens in the system. It checks actions, changes, and who accesses data to follow rules and keep everything secure. It helps manage risks and ensures that everything meets the required standards.<\/span><\/p>\n<section class=\"elementor-section elementor-top-section elementor-element elementor-element-6f2749d elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"6f2749d\" data-element_type=\"section\">\n<div class=\"elementor-container elementor-column-gap-default\">\n<div class=\"elementor-row\">\n<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-15bd561\" data-id=\"15bd561\" data-element_type=\"column\">\n<div class=\"elementor-column-wrap elementor-element-populated\">\n<div class=\"elementor-widget-wrap\">\n<div class=\"elementor-element elementor-element-5a052f2 elementor-widget elementor-widget-text-editor\" data-id=\"5a052f2\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n<div class=\"elementor-widget-container\">\n<div class=\"elementor-text-editor elementor-clearfix\">\n<p><span data-contrast=\"auto\">In Microsoft 365, there are two Auditing options:<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"14\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"1\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Audit Standard:<\/span><\/b><span data-contrast=\"auto\">\u00a0This is the basic option with lots of searchable events stored for 90 days. You can export these records easily.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"14\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"2\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Audit Premium:<\/span><\/b><span data-contrast=\"auto\">\u00a0This is more advanced. It includes everything in Audit Standard but also keeps records longer, identifies important events, and allows more data access.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/section>\n<section class=\"elementor-section elementor-top-section elementor-element elementor-element-b98b1c7 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"b98b1c7\" data-element_type=\"section\">\n<div class=\"elementor-container elementor-column-gap-default\">\n<div class=\"elementor-row\">\n<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-94f9a0e\" data-id=\"94f9a0e\" data-element_type=\"column\">\n<div class=\"elementor-column-wrap elementor-element-populated\">\n<div class=\"elementor-widget-wrap\">\n<div class=\"elementor-element elementor-element-9dbdfa6 elementor-widget elementor-widget-text-editor\" data-id=\"9dbdfa6\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n<div class=\"elementor-widget-container\">\n<div class=\"elementor-text-editor elementor-clearfix\">\n<p aria-level=\"2\"><strong>Key Features of Audit New Search\u00a0<\/strong><\/p>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"15\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"1\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Customizable Query Parameters:<\/span><\/b><span data-contrast=\"auto\">\u00a0The tool offers flexibility in defining search parameters, allowing users to tailor audits based on date ranges, data types, or specific compliance criteria.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"15\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"2\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Intelligent Insights:<\/span><\/b><span data-contrast=\"auto\">\u00a0Leveraging Microsoft\u2019s robust algorithms, Audit New Search provides insightful data analytics, enabling users to extract actionable insights from the audit results.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"15\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"3\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Comprehensive Reporting:<\/span><\/b><span data-contrast=\"auto\">\u00a0Generate detailed reports summarizing audit findings, facilitating comprehensive analysis, and aiding in compliance improvement strategies.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"15\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"4\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">User-Friendly Interface:<\/span><\/b><span data-contrast=\"auto\">\u00a0The intuitive interface ensures ease of navigation, allowing both novice and experienced users to navigate the tool effectively.<\/span><\/li>\n<\/ul>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/section>\n<section class=\"elementor-section elementor-top-section elementor-element elementor-element-fbb87ab elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"fbb87ab\" data-element_type=\"section\">\n<div class=\"elementor-container elementor-column-gap-default\">\n<div class=\"elementor-row\">\n<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-07c91ac\" data-id=\"07c91ac\" data-element_type=\"column\">\n<div class=\"elementor-column-wrap elementor-element-populated\">\n<div class=\"elementor-widget-wrap\">\n<div class=\"elementor-element elementor-element-6e1866a elementor-widget elementor-widget-text-editor\" data-id=\"6e1866a\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n<div class=\"elementor-widget-container\">\n<div class=\"elementor-text-editor elementor-clearfix\">\n<p aria-level=\"2\"><strong>Benefits of Microsoft Purview\u2019s Audit:\u00a0<\/strong><\/p>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"16\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"1\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Improved security posture:<\/span><\/b><span data-contrast=\"auto\">\u00a0By understanding what is happening in your Microsoft 365 environment, you can identify and address security threats more quickly.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"16\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"2\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Reduced compliance risk:<\/span><\/b><span data-contrast=\"auto\">\u00a0Audit logs can help you demonstrate compliance with internal regulations and external compliance requirements.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"16\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"3\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Improved incident response:<\/span><\/b><span data-contrast=\"auto\">\u00a0Audit logs can provide valuable evidence in the event of a security incident.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"16\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"4\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Enhanced investigations:<\/span><\/b><span data-contrast=\"auto\">\u00a0Audit logs can help you investigate security incidents and other events more effectively.<\/span><\/li>\n<\/ul>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/section>\n<section class=\"elementor-section elementor-top-section elementor-element elementor-element-0c6d74b elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"0c6d74b\" data-element_type=\"section\">\n<div class=\"elementor-container elementor-column-gap-default\">\n<div class=\"elementor-row\">\n<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-23889c8\" data-id=\"23889c8\" data-element_type=\"column\">\n<div class=\"elementor-column-wrap elementor-element-populated\">\n<div class=\"elementor-widget-wrap\">\n<div class=\"elementor-element elementor-element-5a6a829 elementor-widget elementor-widget-text-editor\" data-id=\"5a6a829\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n<div class=\"elementor-widget-container\">\n<div class=\"elementor-text-editor elementor-clearfix\">\n<p aria-level=\"2\"><strong>How to Audit with Microsoft 365\u00a0\u00a0<\/strong><\/p>\n<p><span data-contrast=\"auto\">Auditing in Microsoft 365 is part of Microsoft Purview. Thousands of actions and operations conducted across Microsoft 365 services and solutions are reported in your organization\u2019s unified audit log. IT admins, risk teams, and compliance and legal operators within an organization can search audit logs using the audit log search tool.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">You must be assigned the Audit Logs role in the Microsoft Purview compliance portal to turn auditing on or off in your Microsoft 365 organization. By default, this role is assigned to the Audit Manager, Organization Management, and Security Administrator role groups on the Permissions page in the compliance portal.<\/span><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/section>\n<section class=\"elementor-section elementor-top-section elementor-element elementor-element-b7fc2fb elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"b7fc2fb\" data-element_type=\"section\">\n<div class=\"elementor-container elementor-column-gap-default\">\n<div class=\"elementor-row\">\n<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-d595627\" data-id=\"d595627\" data-element_type=\"column\">\n<div class=\"elementor-column-wrap elementor-element-populated\">\n<div class=\"elementor-widget-wrap\">\n<div class=\"elementor-element elementor-element-2b31068 elementor-widget elementor-widget-text-editor\" data-id=\"2b31068\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n<div class=\"elementor-widget-container\">\n<div class=\"elementor-text-editor elementor-clearfix\">\n<p><strong>Verify the Auditing status for your organization\u00a0<\/strong><\/p>\n<p><span data-contrast=\"auto\">Audit logging is turned on by default for Microsoft 365 organizations. However, when setting up a new Microsoft 365 organization, you should verify the auditing status for your organization.<\/span><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/section>\n<section class=\"elementor-section elementor-top-section elementor-element elementor-element-f751ce4 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"f751ce4\" data-element_type=\"section\">\n<div class=\"elementor-container elementor-column-gap-default\">\n<div class=\"elementor-row\">\n<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-638389c\" data-id=\"638389c\" data-element_type=\"column\">\n<div class=\"elementor-column-wrap elementor-element-populated\">\n<div class=\"elementor-widget-wrap\">\n<div class=\"elementor-element elementor-element-17505ff elementor-widget elementor-widget-text-editor\" data-id=\"17505ff\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n<div class=\"elementor-widget-container\">\n<div class=\"elementor-text-editor elementor-clearfix\">\n<p><strong>Use PowerShell to turn on Auditing\u00a0<\/strong><\/p>\n<p><span data-contrast=\"auto\">To verify that auditing is turned on for your organization, Execute the subsequent command in PowerShell, following each step.<\/span><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/section>\n<section class=\"elementor-section elementor-top-section elementor-element elementor-element-f5b0cec elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"f5b0cec\" data-element_type=\"section\">\n<div class=\"elementor-container elementor-column-gap-default\">\n<div class=\"elementor-row\">\n<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-f6c700b\" data-id=\"f6c700b\" data-element_type=\"column\">\n<div class=\"elementor-column-wrap elementor-element-populated\">\n<div class=\"elementor-widget-wrap\">\n<div class=\"elementor-element elementor-element-2df1b0b elementor-widget elementor-widget-text-editor\" data-id=\"2df1b0b\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n<div class=\"elementor-widget-container\">\n<div class=\"elementor-text-editor elementor-clearfix\">\n<p><b><span data-contrast=\"auto\">Step 1:<\/span><\/b><span data-contrast=\"auto\">\u00a0\u00a0<\/span><span data-contrast=\"auto\">Import-Module ExchangeOnlineManagement<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Step 2:<\/span><\/b><span data-contrast=\"auto\">\u00a0\u00a0<\/span><span data-contrast=\"auto\">Connect-ExchangeOnline -UserPrincipalName &lt;UPN&gt;<\/span><span data-contrast=\"auto\">\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">\u201cUPN is your account in user principal name format (for example,\u00a0<\/span><a href=\"mailto:xyz@contoso.onmicrosoft.com)\" aria-label=\"send an email to xyz@contoso.onmicrosoft.com)\" data-uw-rm-vglnk=\"\"><span data-contrast=\"none\">xyz@contoso.onmicrosoft.com)<\/span><\/a><span data-contrast=\"auto\">.\u201d<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">In the sign-in window that opens, enter your password, and then click Sign in.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">MFA only: A verification code is generated and delivered based on the response option that\u2019s configured for your account<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Step 3 :<\/span><\/b><span data-contrast=\"auto\">\u00a0\u00a0<\/span><span data-contrast=\"auto\">Get-AdminAuditLogConfig | Format-List UnifiedAuditLogIngestionEnabled<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-3587 size-full\" src=\"https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG1-9-1024x496-1-1.png\" alt=\"image\" width=\"1024\" height=\"496\" srcset=\"https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG1-9-1024x496-1-1.png 1024w, https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG1-9-1024x496-1-1-300x145.png 300w, https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG1-9-1024x496-1-1-768x372.png 768w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p><span data-contrast=\"auto\">A value of\u00a0<\/span><b><span data-contrast=\"auto\">True<\/span><\/b><span data-contrast=\"auto\">\u00a0for the \u201c<\/span><b><span data-contrast=\"auto\">UnifiedAuditLogIngestionEnabled<\/span><\/b><span data-contrast=\"auto\">\u201d property indicates that auditing is turned on. A value of False indicates that auditing isn\u2019t turned on.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Be sure to run the previous command in Exchange Online PowerShell. Although the\u00a0<\/span><b><span data-contrast=\"auto\">Get-AdminAuditLogConfig<\/span><\/b><span data-contrast=\"auto\">\u00a0cmdlet is also available in Security &amp; Compliance PowerShell, the UnifiedAuditLogIngestionEnabled property is always False, even when auditing is turned on<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-3588 size-full\" src=\"https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG2-4-1024x679-1.png\" alt=\"image\" width=\"1024\" height=\"679\" srcset=\"https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG2-4-1024x679-1.png 1024w, https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG2-4-1024x679-1-300x199.png 300w, https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG2-4-1024x679-1-768x509.png 768w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p><strong>Assign permissions from compliance portal to scope Audit logs\u00a0<br role=\"presentation\" data-uw-rm-sr=\"\" \/><\/strong><span data-contrast=\"auto\">The following screenshot shows the two audit-related role groups in the compliance portal.<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-3589 size-full\" src=\"https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG3-6-1024x304-1.png\" alt=\"image\n\" width=\"1024\" height=\"304\" srcset=\"https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG3-6-1024x304-1.png 1024w, https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG3-6-1024x304-1-300x89.png 300w, https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG3-6-1024x304-1-768x228.png 768w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<section class=\"elementor-section elementor-top-section elementor-element elementor-element-3d382ca elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"3d382ca\" data-element_type=\"section\">\n<div class=\"elementor-container elementor-column-gap-default\">\n<div class=\"elementor-row\">\n<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-6cc1761\" data-id=\"6cc1761\" data-element_type=\"column\">\n<div class=\"elementor-column-wrap elementor-element-populated\">\n<div class=\"elementor-widget-wrap\">\n<div class=\"elementor-element elementor-element-9bf8640 elementor-widget elementor-widget-text-editor\" data-id=\"9bf8640\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n<div class=\"elementor-widget-container\">\n<div class=\"elementor-text-editor elementor-clearfix\">\n<p><span data-contrast=\"auto\">To search or export the audit log, administrators or members of investigation teams must be assigned to at least one of the following audit-related role groups in the compliance portal<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Audit Manager:<\/span><\/b><span data-contrast=\"auto\">\u00a0A user assigned to the Audit Manager role group can search and export the audit log and manage audit settings for the tenant (like enabling or disabling audit logging). This role group grants the View-Only Audit Logs and Audit Logs roles to the user.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><b><span data-contrast=\"auto\">Audit Reader:<\/span><\/b><span data-contrast=\"auto\">\u00a0A user assigned to the Audit Reader role group can only search and export the audit log. They can\u2019t enable or disable audit logging. This role group grants the View-Only Audit Logs role to the user<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/section>\n<section class=\"elementor-section elementor-top-section elementor-element elementor-element-8a31a3b elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"8a31a3b\" data-element_type=\"section\">\n<div class=\"elementor-container elementor-column-gap-default\">\n<div class=\"elementor-row\">\n<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-31f6139\" data-id=\"31f6139\" data-element_type=\"column\">\n<div class=\"elementor-column-wrap elementor-element-populated\">\n<div class=\"elementor-widget-wrap\">\n<div class=\"elementor-element elementor-element-0245bee elementor-widget elementor-widget-text-editor\" data-id=\"0245bee\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n<div class=\"elementor-widget-container\">\n<div class=\"elementor-text-editor elementor-clearfix\">\n<p aria-level=\"2\"><strong>Search the Audit log in Microsoft Purview\u00a0<\/strong><\/p>\n<p><span data-contrast=\"auto\">Now you\u2019re ready to search the audit log in the Microsoft Purview compliance portal.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">1. Go to https:\/\/compliance.microsoft.com and sign in using an account that has been assigned the appropriate audit permissions.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">2. Select the Audit tab on the left panel of the homepage to navigate to the Audit tool.<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-3590 size-full\" src=\"https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG4-5-1024x447-1.png\" alt=\"Image\" width=\"1024\" height=\"447\" srcset=\"https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG4-5-1024x447-1.png 1024w, https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG4-5-1024x447-1-300x131.png 300w, https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG4-5-1024x447-1-768x335.png 768w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p>3. Select New Search tab at the top of the Audit page.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-3591 size-full\" src=\"https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG5-4-1024x327-1.png\" alt=\"image\" width=\"1024\" height=\"327\" srcset=\"https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG5-4-1024x327-1.png 1024w, https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG5-4-1024x327-1-300x96.png 300w, https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG5-4-1024x327-1-768x245.png 768w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<section class=\"elementor-section elementor-top-section elementor-element elementor-element-3a5f7ff elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"3a5f7ff\" data-element_type=\"section\">\n<div class=\"elementor-container elementor-column-gap-default\">\n<div class=\"elementor-row\">\n<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-6319331\" data-id=\"6319331\" data-element_type=\"column\">\n<div class=\"elementor-column-wrap elementor-element-populated\">\n<div class=\"elementor-widget-wrap\">\n<div class=\"elementor-element elementor-element-80c26f6 elementor-widget elementor-widget-text-editor\" data-id=\"80c26f6\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n<div class=\"elementor-widget-container\">\n<div class=\"elementor-text-editor elementor-clearfix\">\n<p><span data-contrast=\"auto\">4. On the New Search tab, configure the following search criteria as applicable:<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"18\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:1440,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"1\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Date Range:<\/span><\/b><span data-contrast=\"auto\">\u00a0Choose a date range up to 180 days to view events, with the default set to the last seven days in Coordinated Universal Time (UTC).<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"17\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:1440,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"1\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Keyword Search:<\/span><\/b><span data-contrast=\"auto\">\u00a0Look for specific words or phrases in the audit log, replacing special characters with asterisks for text containing such characters.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"17\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:1440,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"2\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Admin Units:<\/span><\/b><span data-contrast=\"auto\">\u00a0Filter audited activities based on specific administrative units within your organization.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"17\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:1440,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"3\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Activity Names:<\/span><\/b><span data-contrast=\"auto\">\u00a0Select user or admin activity groups or individual activities to focus your search in the log.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"17\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:1440,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"4\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Operation Names:<\/span><\/b><span data-contrast=\"auto\">\u00a0Specify exact operation names to refine search results, enabling flexible data discovery.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"17\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:1440,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"5\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Record Types:<\/span><\/b><span data-contrast=\"auto\">\u00a0Filter audited activities based on specific types for more targeted search results.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"17\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:1440,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"6\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Search Name:<\/span><\/b><span data-contrast=\"auto\">\u00a0Create a custom name for your search job to distinguish it in the search job history.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"17\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:1440,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"7\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Users:<\/span><\/b><span data-contrast=\"auto\">\u00a0Choose specific users to see their related audit log entries or leave blank for all users.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"17\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:1440,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"8\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">File, Folder, or Site:<\/span><\/b><span data-contrast=\"auto\">\u00a0Search for file or folder activities by entering related keywords or URLs.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">**Select Search to start your search job. A maximum of 10 search jobs can be run in parallel for one user account. **<\/span><span data-ccp-props=\"{&quot;335559685&quot;:1080}\">\u00a0<\/span><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/section>\n<section class=\"elementor-section elementor-top-section elementor-element elementor-element-3493203 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"3493203\" data-element_type=\"section\">\n<div class=\"elementor-container elementor-column-gap-default\">\n<div class=\"elementor-row\">\n<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7d73ab4\" data-id=\"7d73ab4\" data-element_type=\"column\">\n<div class=\"elementor-column-wrap elementor-element-populated\">\n<div class=\"elementor-widget-wrap\">\n<div class=\"elementor-element elementor-element-223fb3a elementor-widget elementor-widget-text-editor\" data-id=\"223fb3a\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n<div class=\"elementor-widget-container\">\n<div class=\"elementor-text-editor elementor-clearfix\">\n<p aria-level=\"1\"><strong>Search Job dashboard<\/strong><\/p>\n<p><span data-contrast=\"auto\">Active and completed search jobs are displayed in the search job dashboard. The dashboard displays the following information for each search job:<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-3592 size-full\" src=\"https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG6-4.png\" alt=\"Image\" width=\"1000\" height=\"238\" srcset=\"https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG6-4.png 1000w, https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG6-4-300x71.png 300w, https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG6-4-768x183.png 768w\" sizes=\"auto, (max-width: 1000px) 100vw, 1000px\" \/><\/p>\n<section class=\"elementor-section elementor-top-section elementor-element elementor-element-8e53312 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"8e53312\" data-element_type=\"section\">\n<div class=\"elementor-container elementor-column-gap-default\">\n<div class=\"elementor-row\">\n<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-3e5cffd\" data-id=\"3e5cffd\" data-element_type=\"column\">\n<div class=\"elementor-column-wrap elementor-element-populated\">\n<div class=\"elementor-widget-wrap\">\n<div class=\"elementor-element elementor-element-7e0c42c elementor-widget elementor-widget-text-editor\" data-id=\"7e0c42c\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n<div class=\"elementor-widget-container\">\n<div class=\"elementor-text-editor elementor-clearfix\">\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"11\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"1\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Search name:<\/span><\/b><span data-contrast=\"auto\">\u00a0The name of the search job. The full search name for a job can be seen by hovering the cursor over the search job name.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"11\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"2\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Job status:<\/span><\/b><span data-contrast=\"auto\">\u00a0The status of the search job. The status can be Queued, In Progress, or Completed.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"11\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"3\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Progress (%):<\/span><\/b><span data-contrast=\"auto\">\u00a0The percentage of the search job that has been completed.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"11\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"4\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Search time:<\/span><\/b><span data-contrast=\"auto\">\u00a0The total running time that elapsed to complete the search job.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"11\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"5\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Total results:<\/span><\/b><span data-contrast=\"auto\">\u00a0The total number of results returned by the search job.<\/span><span data-ccp-props=\"{&quot;335551550&quot;:6,&quot;335551620&quot;:6}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"11\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"6\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Creation time:<\/span><\/b><span data-contrast=\"auto\">\u00a0The date and time the search job was created in UTC.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"11\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"7\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Search performed by:<\/span><\/b><span data-contrast=\"auto\">\u00a0The user account that created the search job.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/section>\n<section class=\"elementor-section elementor-top-section elementor-element elementor-element-daa8f2b elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"daa8f2b\" data-element_type=\"section\">\n<div class=\"elementor-container elementor-column-gap-default\">\n<div class=\"elementor-row\">\n<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-a36e67d\" data-id=\"a36e67d\" data-element_type=\"column\">\n<div class=\"elementor-column-wrap elementor-element-populated\">\n<div class=\"elementor-widget-wrap\">\n<div class=\"elementor-element elementor-element-1b45d3d elementor-widget elementor-widget-text-editor\" data-id=\"1b45d3d\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n<div class=\"elementor-widget-container\">\n<div class=\"elementor-text-editor elementor-clearfix\">\n<p aria-level=\"1\"><strong>Search Job details dashboard<\/strong><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:240,&quot;335559739&quot;:0}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">To view details about a search job, select the search job. The total number of items in the job is included at the top of the dashboard. The total result number deducts duplicates, which is why it might be less than the number of items in the search job dashboard.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-3593 size-full\" src=\"https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG7-4.png\" alt=\"Image\" width=\"993\" height=\"372\" srcset=\"https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG7-4.png 993w, https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG7-4-300x112.png 300w, https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG7-4-768x288.png 768w\" sizes=\"auto, (max-width: 993px) 100vw, 993px\" \/><\/p>\n<section class=\"elementor-section elementor-top-section elementor-element elementor-element-0f24548 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"0f24548\" data-element_type=\"section\">\n<div class=\"elementor-container elementor-column-gap-default\">\n<div class=\"elementor-row\">\n<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-339f324\" data-id=\"339f324\" data-element_type=\"column\">\n<div class=\"elementor-column-wrap elementor-element-populated\">\n<div class=\"elementor-widget-wrap\">\n<div class=\"elementor-element elementor-element-f62aff3 elementor-widget elementor-widget-text-editor\" data-id=\"f62aff3\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n<div class=\"elementor-widget-container\">\n<div class=\"elementor-text-editor elementor-clearfix\">\n<p><span data-contrast=\"auto\">The search job details dashboard displays following information about the individual items gathered in the search job results:<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"12\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"1\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Date (UTC):<\/span><\/b><span data-contrast=\"auto\">\u00a0The date and time the activity occurred.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"12\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"2\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">IP Address:\u00a0<\/span><\/b><span data-contrast=\"auto\">The IP address of the device that was used to perform the activity.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"12\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"3\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">User:<\/span><\/b><span data-contrast=\"auto\">\u00a0The user account that performed the activity.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"12\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"4\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Record type:<\/span><\/b><span data-contrast=\"auto\">\u00a0The record type associated with the activity.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"12\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"5\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Activity:<\/span><\/b><span data-contrast=\"auto\">\u00a0The friendly name of the activity that was performed.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"12\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"6\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Item:<\/span><\/b><span data-contrast=\"auto\">\u00a0The name of the file, folder, or site that the activity was acted on.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"12\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"7\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Admin Units:<\/span><\/b><span data-contrast=\"auto\">\u00a0The admin unit that the user account that performed the activity belongs to.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"12\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" aria-setsize=\"-1\" data-aria-posinset=\"8\" data-aria-level=\"1\"><b><span data-contrast=\"auto\">Details:<\/span><\/b><span data-contrast=\"auto\">\u00a0Additional details about the activity.<\/span><\/li>\n<\/ul>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/section>\n<section class=\"elementor-section elementor-top-section elementor-element elementor-element-a5a2ecf elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"a5a2ecf\" data-element_type=\"section\">\n<div class=\"elementor-container elementor-column-gap-default\">\n<div class=\"elementor-row\">\n<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-30bfcec\" data-id=\"30bfcec\" data-element_type=\"column\">\n<div class=\"elementor-column-wrap elementor-element-populated\">\n<div class=\"elementor-widget-wrap\">\n<div class=\"elementor-element elementor-element-c45bca6 elementor-widget elementor-widget-text-editor\" data-id=\"c45bca6\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n<div class=\"elementor-widget-container\">\n<div class=\"elementor-text-editor elementor-clearfix\">\n<p><b><span data-contrast=\"auto\">Export the Audit report<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">This option exports all the audit records from the audit log search you ran, and adds the raw data from the audit log to a CSV file. It takes a while to prepare the download file for a large search. Large files will result when searching for all activities or using a wide date range.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/section>\n<section class=\"elementor-section elementor-top-section elementor-element elementor-element-36bfac6 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"36bfac6\" data-element_type=\"section\">\n<div class=\"elementor-container elementor-column-gap-default\">\n<div class=\"elementor-row\">\n<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-97186ec\" data-id=\"97186ec\" data-element_type=\"column\">\n<div class=\"elementor-column-wrap elementor-element-populated\">\n<div class=\"elementor-widget-wrap\">\n<div class=\"elementor-element elementor-element-34672a8 elementor-widget elementor-widget-text-editor\" data-id=\"34672a8\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n<div class=\"elementor-widget-container\">\n<div class=\"elementor-text-editor elementor-clearfix\">\n<p aria-level=\"1\"><strong>Format the exported Audit log using the Power Query Editor\u00a0<\/strong><\/p>\n<p><span data-contrast=\"auto\">The next step is to use the JSON transform feature in the Power Query Editor in Excel to split each property in the JSON object in the Audit Data column into its own column. Then you filter columns to view records based on the values of specific properties. This can help you quickly locate the specific auditing data you\u2019re looking for.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">1. Open a blank workbook in Excel for Office 365, Excel 2019, or Excel 2016.<\/span><span data-ccp-props=\"{}\">\u00a0<br role=\"presentation\" data-uw-rm-sr=\"\" \/><\/span><span data-contrast=\"auto\">2. On the Data tab, in the Get &amp; Transform Data ribbon group, select From Text\/CSV.<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-3594 size-full\" src=\"https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG8-4.png\" alt=\"Image\" width=\"559\" height=\"288\" srcset=\"https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG8-4.png 559w, https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG8-4-300x155.png 300w\" sizes=\"auto, (max-width: 559px) 100vw, 559px\" \/><\/p>\n<p><span data-contrast=\"auto\">3. Open the CSV file that you downloaded in Step 1.<\/span><span data-ccp-props=\"{}\">\u00a0<br role=\"presentation\" data-uw-rm-sr=\"\" \/><\/span><span data-contrast=\"auto\">4. In the window that\u2019s displayed, select Transform Data.<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-3595 size-full\" src=\"https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG9-5.png\" alt=\"image\" width=\"790\" height=\"442\" srcset=\"https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG9-5.png 790w, https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG9-5-300x168.png 300w, https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG9-5-768x430.png 768w\" sizes=\"auto, (max-width: 790px) 100vw, 790px\" \/><\/p>\n<section class=\"elementor-section elementor-top-section elementor-element elementor-element-fa362df elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"fa362df\" data-element_type=\"section\">\n<div class=\"elementor-container elementor-column-gap-default\">\n<div class=\"elementor-row\">\n<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-75e1f02\" data-id=\"75e1f02\" data-element_type=\"column\">\n<div class=\"elementor-column-wrap elementor-element-populated\">\n<div class=\"elementor-widget-wrap\">\n<div class=\"elementor-element elementor-element-8725f6a elementor-widget elementor-widget-text-editor\" data-id=\"8725f6a\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n<div class=\"elementor-widget-container\">\n<div class=\"elementor-text-editor elementor-clearfix\">\n<p><span class=\"NormalTextRun SCXW55275481 BCX0\">The CSV file is opened in the Query Editor. There are four columns:\u00a0<\/span><span class=\"NormalTextRun SCXW55275481 BCX0\">Creation Date<\/span><span class=\"NormalTextRun SCXW55275481 BCX0\">, User<\/span>\u00a0<span class=\"NormalTextRun SCXW55275481 BCX0\">Ids, Operations, and\u00a0<\/span><span class=\"NormalTextRun SCXW55275481 BCX0\">Audit Data<\/span><span class=\"NormalTextRun SCXW55275481 BCX0\">. The\u00a0<\/span><span class=\"NormalTextRun SCXW55275481 BCX0\">Audit Data<\/span><span class=\"NormalTextRun SCXW55275481 BCX0\">\u00a0column is a JSON object that\u00a0<\/span><span class=\"NormalTextRun SCXW55275481 BCX0\">contains<\/span><span class=\"NormalTextRun SCXW55275481 BCX0\">\u00a0multiple properties. The next step is to create a column for each property in the JSON object.<\/span><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/section>\n<section class=\"elementor-section elementor-top-section elementor-element elementor-element-772b6ca elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"772b6ca\" data-element_type=\"section\">\n<div class=\"elementor-container elementor-column-gap-default\">\n<div class=\"elementor-row\">\n<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-25ef6da\" data-id=\"25ef6da\" data-element_type=\"column\">\n<div class=\"elementor-column-wrap elementor-element-populated\">\n<div class=\"elementor-widget-wrap\">\n<div class=\"elementor-element elementor-element-55f7b7e elementor-widget elementor-widget-text-editor\" data-id=\"55f7b7e\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n<div class=\"elementor-widget-container\">\n<div class=\"elementor-text-editor elementor-clearfix\">\n<p><span class=\"NormalTextRun SCXW178101381 BCX0\">5. Right-click the title in the\u00a0<\/span><span class=\"NormalTextRun SCXW178101381 BCX0\">Audit Data<\/span><span class=\"NormalTextRun SCXW178101381 BCX0\">\u00a0column, select Transform, and then select JSON.<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-3596 size-full\" src=\"https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG10-5.png\" alt=\"Image\" width=\"695\" height=\"567\" srcset=\"https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG10-5.png 695w, https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG10-5-300x245.png 300w\" sizes=\"auto, (max-width: 695px) 100vw, 695px\" \/><\/p>\n<p><span class=\"NormalTextRun SCXW267260852 BCX0\">6. In the upper-right corner of the\u00a0<\/span><span class=\"NormalTextRun SpellingErrorV2Themed SCXW267260852 BCX0\">AuditData<\/span><span class=\"NormalTextRun SCXW267260852 BCX0\">\u00a0column, select the expand icon.<\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-3597 size-full\" src=\"https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG11-4.png\" alt=\"Image\" width=\"404\" height=\"169\" srcset=\"https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG11-4.png 404w, https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG11-4-300x125.png 300w\" sizes=\"auto, (max-width: 404px) 100vw, 404px\" \/><\/p>\n<p><span class=\"TextRun SCXW259271453 BCX0\" lang=\"EN-IN\" xml:lang=\"EN-IN\" data-contrast=\"auto\" data-uw-rm-lang=\"false\"><span class=\"NormalTextRun SCXW259271453 BCX0\">7. Select\u202f<\/span><\/span><span class=\"TextRun SCXW259271453 BCX0\" lang=\"EN-IN\" xml:lang=\"EN-IN\" data-contrast=\"auto\" data-uw-rm-lang=\"false\"><span class=\"NormalTextRun SCXW259271453 BCX0\">Load more<\/span><\/span><span class=\"TextRun SCXW259271453 BCX0\" lang=\"EN-IN\" xml:lang=\"EN-IN\" data-contrast=\"auto\" data-uw-rm-lang=\"false\"><span class=\"NormalTextRun SCXW259271453 BCX0\">\u202fto display all properties in the JSON objects in the\u202f<\/span><\/span><span class=\"TextRun SCXW259271453 BCX0\" lang=\"EN-IN\" xml:lang=\"EN-IN\" data-contrast=\"auto\" data-uw-rm-lang=\"false\"><span class=\"NormalTextRun SpellingErrorV2Themed SCXW259271453 BCX0\">AuditData<\/span><\/span><span class=\"TextRun SCXW259271453 BCX0\" lang=\"EN-IN\" xml:lang=\"EN-IN\" data-contrast=\"auto\" data-uw-rm-lang=\"false\"><span class=\"NormalTextRun SCXW259271453 BCX0\">\u202fcolumn.<\/span><\/span><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-3598 size-full\" src=\"https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG12-3.png\" alt=\"image\" width=\"358\" height=\"410\" srcset=\"https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG12-3.png 358w, https:\/\/poiseddevelopers.com\/reality-tech\/wp-content\/uploads\/2024\/05\/IMG12-3-262x300.png 262w\" sizes=\"auto, (max-width: 358px) 100vw, 358px\" \/><\/p>\n<p><span class=\"TextRun SCXW87371679 BCX0\" lang=\"EN-IN\" xml:lang=\"EN-IN\" data-contrast=\"auto\" data-uw-rm-lang=\"false\"><span class=\"NormalTextRun SCXW87371679 BCX0\">You can unselect the checkbox next to any property that you\u00a0<\/span><span class=\"NormalTextRun SCXW87371679 BCX0\">don\u2019t<\/span><span class=\"NormalTextRun SCXW87371679 BCX0\">\u00a0want to include.\u00a0<\/span><span class=\"NormalTextRun SCXW87371679 BCX0\">Eliminating<\/span><span class=\"NormalTextRun SCXW87371679 BCX0\">\u00a0columns that\u00a0<\/span><span class=\"NormalTextRun SCXW87371679 BCX0\">aren\u2019t<\/span><span class=\"NormalTextRun SCXW87371679 BCX0\">\u00a0useful for your investigation is\u00a0<\/span><span class=\"NormalTextRun SCXW87371679 BCX0\">a good way<\/span><span class=\"NormalTextRun SCXW87371679 BCX0\">\u00a0to reduce the amount of data displayed in the audit log.<\/span><\/span><span class=\"EOP SCXW87371679 BCX0\" data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/section>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/section>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/section>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/section>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/section>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/section>\n","protected":false},"excerpt":{"rendered":"<p>Auditing is the process of investigating security events, conducting forensic investigations, complying with internal regulations, and meeting external compliance obligations. It involves capturing, recording, and retaining a unified audit log.\u00a0 In other words, it means keeping a close eye on what happens in the system. It checks actions, changes, and who accesses data to follow [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":3586,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[43],"tags":[],"class_list":["post-3585","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft"],"acf":[],"_links":{"self":[{"href":"https:\/\/poiseddevelopers.com\/reality-tech\/wp-json\/wp\/v2\/posts\/3585","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/poiseddevelopers.com\/reality-tech\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/poiseddevelopers.com\/reality-tech\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/poiseddevelopers.com\/reality-tech\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/poiseddevelopers.com\/reality-tech\/wp-json\/wp\/v2\/comments?post=3585"}],"version-history":[{"count":1,"href":"https:\/\/poiseddevelopers.com\/reality-tech\/wp-json\/wp\/v2\/posts\/3585\/revisions"}],"predecessor-version":[{"id":3599,"href":"https:\/\/poiseddevelopers.com\/reality-tech\/wp-json\/wp\/v2\/posts\/3585\/revisions\/3599"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/poiseddevelopers.com\/reality-tech\/wp-json\/wp\/v2\/media\/3586"}],"wp:attachment":[{"href":"https:\/\/poiseddevelopers.com\/reality-tech\/wp-json\/wp\/v2\/media?parent=3585"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/poiseddevelopers.com\/reality-tech\/wp-json\/wp\/v2\/categories?post=3585"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/poiseddevelopers.com\/reality-tech\/wp-json\/wp\/v2\/tags?post=3585"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}