Jun 14 2023 02:30 AM
Hi,
I'm investigating access logs pulled from Unified Audit Logs for OneDrive online, specifically. The UserAgent field value is populeted with multiple values all starting with 'onenotemodernsync...' and the Operations column is populated with either 'FileAccessed' OR 'FileModified'.
I am trying to understand what the user is doing or when this value would occur, if anyone can provide some insight that would be much appreciated.
Regards
Andre
Jun 14 2023 08:22 AM
Jun 14 2023 06:54 PM
Jun 15 2023 07:37 AM