Hi,

Our customer would like to link their M365 tenancy (SharePoint) with on-prem servers (file shares) so they can have an audit / logs on the files being access and copied.

We have a looked into Azure Information protection and deploying scanners but that seems to be seems mostly used for data classification. 

What would be the best way to achieve this?