Going Beyond the SharePoint Online Audit Log with Detailed Reports

If there is an unauthorized change or access event, for instance, to a piece of Office 365 SharePoint Online content, such as files or documents in a document library, you need to be the first one to know about it, so you can ensure nothing threatens your critical data. The native tools can help you improve your data security and compliance posture by enabling you to configure auditing and monitor user and admin activities to spot suspicious actions. However, they don’t provide you with comprehensive, detailed SharePoint Online audit log reports that could expedite issue identification and remediation and help you pass compliance audits.

Why native SharePoint Online audit log reports are simply not enough

With the built-in Site Collection Administration, you can configure SharePoint audit settings to collect a SharePoint audit trail, and then either export the collected audit data into an Excel report or view SharePoint Online audit log reports in the Office 365 Security and Compliance Center. But be prepared to manually sift through the data to spot any deviations from normal behavior. As a result, the chances that an attack will slip under your radar are pretty high, because you’ll need to search hard for details and put the pieces of the puzzle together. Here are additional limitations of native audit log reports that often get in the way of timely issue identification and remediation:

  • The search capability provided by the built-in Microsoft Office 365 audit logs has limited filtering options, which makes it hard to spot and mitigate risks before it’s too late.
  • The limited number of predefined reports and lack of report filtering make it hard to find quickly what you need.
  • There’s no report subscription function, so you have to spend time manually exporting specific audit data into Excel and massaging it in order to present the auditing information in a readable format.
  • You have to continuously export your audit log to save it for later use, because the Security and Compliance Center does not provide any storage options.

 

Getting richly detailed SharePoint Online reports with Netwrix Auditor

Netwrix Auditor for Office 365 makes it far easier to stay on top of activity across your Office 365 environment. This comprehensive enterprise solution collects and analyzes SharePoint Online audit logs, Exchange Online logs and OneDrive for Business logs, and then converts this data into useful security intelligence and delivers it to you in detailed, easy-to-read reports. With Netwrix Auditor, you will:

  • Save time with ready-to-use predefined reports that provide easy-to-read, insightful information for spotting threats and providing compliance — not raw audit log data.
  • Simplify reporting by subscribing yourself or auditors to the reports each of you needs.
  • Identify threats and investigate aberrant activity in minutes with the Interactive Search feature.
  • Be the first to know about any activity you deem critical with custom alerts that you fine-tune to your specific environment.
  • Keep your consolidated audit data securely for over 10 years in a cost-effective two-tiered storage (SQL database + file-based).

All SharePoint Online Activity by User report from Netwrix Auditor: Action, Object Type, What and When