Forum Discussion
prelek
Jun 18, 2020Copper Contributor
On-prem access audit
Hi,
Our customer would like to link their M365 tenancy (SharePoint) with on-prem servers (file shares) so they can have an audit / logs on the files being access and copied.
We have a looked into Azure Information protection and deploying scanners but that seems to be seems mostly used for data classification.
What would be the best way to achieve this?
- IvoMaas140Brass ContributorEven though this post is from a while back, please not that azure information protection scanners can be used to classify and protect documents on your on-prem file servers and sharepoint servers. This has nothing to do with audit and access logs being copied over.
If you want audit/logs on your local on-prem servers and consume them elsewere you can export the local logs on the server and use event forwarding to ingest them to the cloud, another location or a server that can consume those logs (example SIEM).