SOLVED

MIP Document Sensitivity Labelling - Office Web Apps

%3CLINGO-SUB%20id%3D%22lingo-sub-2143027%22%20slang%3D%22en-US%22%3EMIP%20Document%20Sensitivity%20Labelling%20-%20Office%20Web%20Apps%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2143027%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20have%20AIP%20enabled%20on%20our%20tenant%20and%20users%20are%20licenced%20(Azure%20Information%20Protection%20Premium%20P2)%20and%20we%20have%20enabled%20audit%20logging%20for%20AIP%20in%20Azure.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20have%20two%20scenarios%2C%20which%20we%20observe%20different%20logging%20behaviour%20and%20its%20perplexing.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3COL%3E%3CLI%3EIf%20we%20start%20a%20document%20within%20office%20desktop%20and%20apply%20a%20sensitivity%20label%2C%20we%20will%20see%20this%20event%20in%20the%20audit%20log.%3C%2FLI%3E%3CLI%3EIf%20we%20start%20a%20document%20within%20office%20web%20and%20apply%20a%20sensitivity%20label%2C%20we%20will%20not%20see%20this%20event%20in%20the%20audit%20log.%3C%2FLI%3E%3C%2FOL%3E%3CP%3EIs%20this%20behaviour%20by%20design%20that%20office%20web%20apps%20will%20not%20log%20label%20events%20to%20the%20audit%20log%3F%26nbsp%3B%20I%20cant%20find%20anything%20online%20that%20specifically%20speaks%20to%20office%20webapps%20(word%2Fexcel)%20having%20this%20issue.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAnyone%20have%20any%20ideas%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2148830%22%20slang%3D%22en-US%22%3ERe%3A%20MIP%20Document%20Sensitivity%20Labelling%20-%20Office%20Web%20Apps%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2148830%22%20slang%3D%22en-US%22%3EHi%20Warren%2C%20not%20100%25%20sure%2C%20but%20I%20think%20audit%20log%20is%20part%20of%20the%20Labeling%20Client%20and%20therefore%20only%20available%20on%20office%20desktop.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2155044%22%20slang%3D%22en-US%22%3ERe%3A%20MIP%20Document%20Sensitivity%20Labelling%20-%20Office%20Web%20Apps%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2155044%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F634455%22%20target%3D%22_blank%22%3E%40mmancina%3C%2FA%3E%26nbsp%3BYeah%2C%20that's%20what%20I%20was%20thinking%20also%2C%26nbsp%3B%20but%20decided%20I%20am%20being%20ridiculous%2C%20surely%20MS%20could%20not%20have%20missed%20this%20obvious%20%22flaw%22.%26nbsp%3B%20If%20this%20is%20indeed%20the%20case%2C%20then%20there%20is%20major%20hole%20in%20audit%20logging%20sensitivity%20labelling%20if%20users%20don't%20use%20the%20desktop%20clients%20and%20just%20use%20the%20web%20clients%2C%20then%20no%20audit%20logging%20is%20available%2C%20seems%20a%20major%20oversight%20by%20MS.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHoping%20someone%20from%20MS%20will%20see%20this%20and%20correct%20us%20here.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Contributor

Hi,

 

We have AIP enabled on our tenant and users are licenced (Azure Information Protection Premium P2) and we have enabled audit logging for AIP in Azure.

 

We have two scenarios, which we observe different logging behaviour and its perplexing.

 

  1. If we start a document within office desktop and apply a sensitivity label, we will see this event in the audit log.
  2. If we start a document within office web and apply a sensitivity label, we will not see this event in the audit log.

Is this behaviour by design that office web apps will not log label events to the audit log?  I cant find anything online that specifically speaks to office webapps (word/excel) having this issue.

 

Anyone have any ideas?

 

 

Answer: As per roadmap highlighted by @mmancina auditing via office web apps isn't supported yet and is in development. Microsoft 365 Roadmap | Microsoft 365

 

 

 

 

 

4 Replies
Hi Warren, not 100% sure, but I think audit log is part of the Labeling Client and therefore only available on office desktop.

@mmancina Yeah, that's what I was thinking also,  but decided I am being ridiculous, surely MS could not have missed this obvious "flaw".  If this is indeed the case, then there is major hole in audit logging sensitivity labelling if users don't use the desktop clients and just use the web clients, then no audit logging is available, seems a major oversight by MS.

 

Hoping someone from MS will see this and correct us here.

Best Response confirmed by Warren Patterson (Contributor)
Solution
https://www.microsoft.com/de-at/microsoft-365/roadmap?featureid=70542 check this out. Seems like this feature is already in development.

@mmancina geez, thanks!  we did search the roadmap, but clearly need to sharpen my searching skills :)

 

So its definitely not yet supported, this is good to know.

 

Thanks, I will update my post above to indicate this.