Jun 03 2018
08:49 AM
- last edited on
Feb 01 2023
11:56 AM
by
TechCommunityAP
Jun 03 2018
08:49 AM
- last edited on
Feb 01 2023
11:56 AM
by
TechCommunityAP
one of my user has received an email in his inbox.
We detected something unusual about a recent sign-in to the Microsoft account
Country/region: United Kingdom
IP address: X.X.X.X(some public ip
Date: 5/26/2018
Platform: Windows
The user is in india, he says someone might have tried to login from UK.
Auditing is enabled on his mailbox, how do i troubleshoot further. i have a requirement to get the logs from exchange, how do i get the logs
Jun 03 2018 06:58 PM
Jun 04 2018 08:48 AM
Did you verify that this message isn't a phishing attempt?
Oct 17 2018 04:13 AM
Oct 17 2018 10:22 AM
Your O365 accounts are stored in Azure AD and all of the auditing tools for that directory are available for O365. You may also be interested in using Office Cloud App Security which provides extensive capabilities for analyzing activity performed by all of your accounts , see https://docs.microsoft.com/en-us/cloud-app-security/what-is-cloud-app-security