Forum Discussion
Audit Log/ Mixed Tenancy
Question about how Audit Logs work with mixed E5/E3 tenancies. 1) For events that are only supported by E5, for example MailItemsAccessed, does the Audit Log record such events only for those us...
Hello Barry Briggs
look the website
https://learn.microsoft.com/en-us/purview/audit-log-investigate-accounts
The new MailItemsAccessed action is part of the new Audit (Premium) functionality. It's part of Exchange mailbox auditing and is enabled by default for users that are assigned an Office 365 or Microsoft 365 E5 license or for organizations with a Microsoft 365 E5 Compliance add-on subscription.
The MailItemsAccessed mailbox-auditing action covers all mail protocols: POP, IMAP, MAPI, EWS, Exchange ActiveSync, and REST. It also covers both types of accessing mail: sync and bind.....................................
look the website
https://learn.microsoft.com/en-us/purview/audit-log-investigate-accounts
The new MailItemsAccessed action is part of the new Audit (Premium) functionality. It's part of Exchange mailbox auditing and is enabled by default for users that are assigned an Office 365 or Microsoft 365 E5 license or for organizations with a Microsoft 365 E5 Compliance add-on subscription.
The MailItemsAccessed mailbox-auditing action covers all mail protocols: POP, IMAP, MAPI, EWS, Exchange ActiveSync, and REST. It also covers both types of accessing mail: sync and bind.....................................
Sorry, this was not my question. My question was, if you have *both* E3 *and* E5 users in a tenancy, how does event reporting and retention work in the Audit log.