You have looked at the manage.office.com APIs? Sent from my Windows Phone ________________________________ From: Jonathan Raper<mailto:[email protected]> Sent: 7/6/2015 7:44 PM To: [email protected]<mailto:[email protected]>; [email protected]<mailto:[email protected]> Subject: Re: [Exchange] RE: Exchange Online Audit question
This is an interesting and valid question. I had not thought about this, but we are/have been accustomed to doing the same thing under certain circimstances by referncing the TMG logs. Curious if this info could be obtained by opening a service request for a legitimate security concern for login attempts against a given account that has been migrated to O365? It would be a pain because you can't do it yourself, but surely Microsoft has dealt with this by now..... Jonathan Raper, MCSE, VCA Senior Solutions Engineer NWN Corporation Sent by Outlook for Android On Mon, Jul 6, 2015 at 4:16 PM -0700, "Michael B. Smith" <[email protected]<mailto:[email protected]>> wrote: I am certainly not authoritative, but I don’t know of any way to do this. You need access to the Connection logs or the IIS protocol logs, and neither of those are exposed via O365. From: [email protected] [mailto:[email protected]] On Behalf Of Ramatowski, Paul M.. Sent: Monday, July 6, 2015 4:04 PM To: [email protected] Subject: [Exchange] Exchange Online Audit question On premise, we had local logs to look at when and where connections came from to a mailbox- for example my creds log into my mailbox from home and we could see the connection coming from my ISP’s IP address. I have been asked- Is there a way to track where the connection comes from when my creds are used to log into my mailbox in Exchange Online. I’ve been looking around and best I can tell the answer is still no, as of January 2015 at least on the 0365 message boards. Best I can come up with is a last logon time which isn’t helpful in this case. So question is, anyone know of a way this could be done whether third party tools are involved or not, or are we just Out of luck? Thanks, Paul
