cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

SharePoint Online activities not logged in CAS

Deleted
Not applicable

‎Feb 13 2018 08:13 AM

‎Feb 13 2018 08:13 AM

SharePoint Online activities not logged in CAS

Hello

 

For a collaboration solution with strict site governance based on SharePoint Online, we were planning to leverage CAS to notify the operations team when a site owner changes the access request settings of his site. There are two activities related to these access request settings:

WebMembersCanShareModified and

WebRequestAccessModified.

 

We've noticed, however, that neither of them appears in the Activity log of CAS, although both can be found in the audit logs of the Security and Compliance center. What's even more confusing is that the Activity Type field of CAS contains both activities and allows filtering and defining policies based on them, whereas the audit logs of the Security and Compliance Center do not allow alert definition based on these two.  This seems particularly odd.

 

Is it true that not all SharePoint activities appears in CAS and

can we expect a solution in order to be able to detect the modification of the access request settings and send out an alert?

 

Thanks a lot.

John

2,799 Views
0 Likes
4 Replies
Reply
4 Replies
Dean Gross

‎Mar 02 2018 12:54 PM

‎Mar 02 2018 12:54 PM

Re: SharePoint Online activities not logged in CAS

@Niv Goldenberg can you provide any insight?

0 Likes
Reply
Alexander Broere

‎May 09 2018 04:44 AM

‎May 09 2018 04:44 AM

Re: SharePoint Online activities not logged in CAS

Hi @Deleted,

 

I'm seeing the same thing not only for SharePoint Online but also for other things like Sway or device/network access policy. I was hoping to find an overview of all the Audit log features compared to (M)CAS. I found one for the Audit log but not for CAS.

 

https://support.office.com/en-us/article/Search-the-audit-log-in-the-Office-365-Security-Compliance-Center-0d4d0f35-390b-4518-800e-0c7ec95e946c#PickTab=Activities

 

Hope someone has an answer for this.

0 Likes
Reply
Eran Chencinski

‎May 16 2018 05:37 AM

‎May 16 2018 05:37 AM

Re: SharePoint Online activities not logged in CAS

Hi John,

 

New SharePoint Online activities were recently added to CAS. They include the activities you mentioned, so you can now create policies and alerts on those activities.

In general, the goal is to add all SharePoint Online activities to CAS. It might take some time to add new activities, but they will be added.

 

Eran

2 Likes
Reply
Dean Gross

‎May 16 2018 05:47 AM

‎May 16 2018 05:47 AM

Re: SharePoint Online activities not logged in CAS

@Eran Chencinskithat is good news, when you do that, could you please make sure to use the attributes from Azure AD, instead of from the unified audit log in O365. I have noticed differences, and the AAD log is more helpful.

0 Likes
Reply