Forum Discussion

dchandler's avatar
dchandler
Copper Contributor
Mar 21, 2019

SOLVED: How to audit access from anonymous links?

Hi,

 

is it possible to view which IP addresses have accessed a file through an anonymous link distributed through OneDrive for Business? I can't find anything in the Security and Compliance Center / Audit log Search. Googled the hell out of it and found nothing, only information related to the creation on sharing links.

 

Any tips would be appreciated.

 

Dennis

  • Take also a look at the Audit Log Search feature in the Compliance Center
  • Cian Allner's avatar
    Cian Allner
    Silver Contributor

    Microsoft Cloud App Security/Office 365 Cloud App Security can probably do this, at a cost, other members may know if there is an easier way of doing this. 

     

    https://docs.microsoft.com/en-us/cloud-app-security/activity-filters

     

    There are various queries builtin that can highlight these events:

     

    File and folder activities - filters all your activities to display only those activities that involved files and folders. The filter includes upload, download, and accessing folders, along with creating, deleting, uploading, downloading, quarantining, and accessing files, and transferring content.

     

    • Take also a look at the Audit Log Search feature in the Compliance Center
      • dchandler's avatar
        dchandler
        Copper Contributor

        Both solutions were correct. I just didn't know what I was looking for in the compliance center.

         

        In Security and Compliance Center

         

        And in the Cloud App Security Portal

         

        Thanks for your help guys.

Resources