Forum Discussion
o365 send/receive logs on smtp level / audit logs
Hi,
we are trying to grab/download the send and receive logs on smtp level from o365. so we can track mailbox send/recv as audit.
May i know how we can automate and download the logs from python/powershell except from the UI.
Is there any better way to pull this info? Please advise!
- If I can add to this. it seems that the logs only show SMTP successes and not failures. When I asked Microsoft they said they do not keep the smtp failures and it is up to the client system to capture the logs for failures. that seems like a very odd response or at least on that has never dealt with a MFD device before.
does anyone know how to get SMTP failure info? Nope afaik. You can automate requesting the logs, but the URL from which you can download them is behind an auth wall, and doesn't seem to accept any of the standard methods to authenticate (including via Graph).
VasilMichevThanks, May i know what the API endpoint will to get the SMTP send/recv logs?
we do have account for 0365 and can automate, if we know the correct Endpoint/some method.
From the GUI, we see the "mail flow" logs, but not sure how we get over the correct API/endpoint.
we see we can get from the powershell as well/GUI, but somehow we want to automate this using API endpoint:
https://www.codetwo.com/admins-blog/message-tracking-office-365/
https://www.urtech.ca/2018/11/solved-how-to-perform-a-message-trace-in-office365-exchange-online/
would be great if you/someone can help to point the correct API endpoint.
That's the issue, we simply don't know. Microsoft never published any details about it, and the only supported way for getting the CSV files is via the browser.
Now if you are only interested in the "regular" message trace, that can be easily automated, here's a sample script: https://gallery.technet.microsoft.com/scriptcenter/Office-365-Mail-Traffic-afa37da1#content
