one of my user has received an email in his inbox.
We detected something unusual about a recent sign-in to the Microsoft account
Country/region: United Kingdom
IP address: X.X.X.X(some public ip
Date: 5/26/2018
Platform: Windows
The user is in india, he says someone might have tried to login from UK.
Auditing is enabled on his mailbox, how do i troubleshoot further. i have a requirement to get the logs from exchange, how do i get the logs
