Mailbox Auditing is not enabled by default in Office 365.
Mailbox Auditing is flagged as a security item when you check the Security Score of your tenant. The Security Centre states that Mailbox Auditing should be enabled for at least 90% of the mailboxes in your organisation.
Mailbox Auditing allows administrators to search the audit log for mailbox activity.

Imports the Office 365 Module
Import-Module MSOnline

Stores the Global Admin Creds in a Variable
$UserCredential = Get-Credential

Connects to the Tenant using the Variable
Connect-MsolService -Credential $UserCredential

Creates a Session to Exchange Online and Stores in Variable
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session

Enables Mailbox Auditing for all Users
Get-Mailbox -ResultSize Unlimited -Filter {RecipientTypeDetails -eq "UserMailbox"} | Set-Mailbox -AuditEnabled $true

Verifies that Mailbox Auditing is enabled; if so, “True” will be returned
Get-Mailbox "Username" | FL Audit*
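
The 90% target mentioned above can be measured across the whole tenant rather than one mailbox at a time. The following is an added example, not part of the original page: the function name `Get-MailboxAuditCoverage` is hypothetical, and the sample mailbox objects are constructed stand-ins for `Get-Mailbox` output.

```powershell
# Added example: reports what share of user mailboxes have auditing enabled.
function Get-MailboxAuditCoverage {
    [CmdletBinding()]
    param(
        # Mailbox objects, e.g. the output of Get-Mailbox -ResultSize Unlimited
        [Parameter(Mandatory, ValueFromPipeline)]
        [object]$Mailbox,
        # Target stated on the page: at least 90% of mailboxes audited
        [ValidateRange(0, 100)]
        [double]$ThresholdPercent = 90
    )
    begin {
        $total   = 0
        $missing = [System.Collections.Generic.List[string]]::new()
    }
    process {
        # Count only user mailboxes, matching the filter used in the enable step
        if ($Mailbox.RecipientTypeDetails -ne 'UserMailbox') { return }
        $total++
        if (-not $Mailbox.AuditEnabled) { $missing.Add($Mailbox.UserPrincipalName) }
    }
    end {
        $enabled = $total - $missing.Count
        # Compare the unrounded value so rounding cannot push a tenant over the line
        $ratio = if ($total -gt 0) { 100 * $enabled / $total } else { 0 }
        [pscustomobject]@{
            UserMailboxes   = $total
            AuditEnabled    = $enabled
            CoveragePercent = [math]::Round($ratio, 1)
            MeetsThreshold  = ($total -gt 0 -and $ratio -ge $ThresholdPercent)
            NotAudited      = $missing.ToArray()
        }
    }
}

# Constructed sample data (not real mailboxes); the shared mailbox is ignored.
$sample = @(
    [pscustomobject]@{ UserPrincipalName = 'alice@example.com'; RecipientTypeDetails = 'UserMailbox';   AuditEnabled = $true }
    [pscustomobject]@{ UserPrincipalName = 'bob@example.com';   RecipientTypeDetails = 'UserMailbox';   AuditEnabled = $false }
    [pscustomobject]@{ UserPrincipalName = 'carol@example.com'; RecipientTypeDetails = 'UserMailbox';   AuditEnabled = $true }
    [pscustomobject]@{ UserPrincipalName = 'dave@example.com';  RecipientTypeDetails = 'UserMailbox';   AuditEnabled = $true }
    [pscustomobject]@{ UserPrincipalName = 'info@example.com';  RecipientTypeDetails = 'SharedMailbox'; AuditEnabled = $false }
)
$sample | Get-MailboxAuditCoverage | Format-List

# In a live Exchange Online session, feed it real mailboxes instead:
# Get-Mailbox -ResultSize Unlimited | Get-MailboxAuditCoverage
```

The `NotAudited` list gives the mailboxes that still need `Set-Mailbox -AuditEnabled $true`, which is useful when new mailboxes have been created since the enable step was last run.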