Change Guardian monitors the following in Office 365:
Exchange Online Settings
Management Role Groups
This section provides the following information:
The following diagram illustrates how Change Guardian collects events from Exchange Online:
Complete the following tasks to start monitoring Office 365 events:
Ensure that the following is complete:
You must configure the Change Guardian server to receive Office 365 event logs from Change Guardian Event Collector Addon for Windows Agent.
To enable monitoring:
In Agent Manager, select the asset and click> .
In Agent Manager, select the asset and click>
In the Reconfigure Agent page, selectunder .
Specify the location to store CEF events in.
NOTE:Ensure that the value in ceffolder parameter in <install_directory>\current\user\agent\agent.properties.matches the you specify during Change Guardian Event Collector Addon for Windows Agent installation. You can get the CEF data path from the
Exchange Online Settings: Policies about creating, deleting, and changing settings, such as role permissions, data loss prevention, anti-malware and retention policies, and mailbox recipients
Mailbox Accounts: Policies about the following:
Creating and deleting of mailbox accounts
Enabling and disabling mailbox accounts
Mailbox Messages: Policies about sending on behalf of another user, moving, deleting messages, and so on
Management Roles Groups: Policies about adding, changing, and deleting the following management groups: compliance, discovery, organization, and records
For information about creating policies in Change Guardian, see Creating Change Guardian Policies.
After creating policies, you can assign them to assets. For information about assigning policies, see Working with Policies.