![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(172.8, 76%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EI8%3C/text%3E%3C/svg%3E)
Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
3,844 questions
Hi I8 if we will talk about Exchange, try: Auditing Public Folders: To audit public folder deletions in Exchange Online, follow these steps:
- Login to the Microsoft Purview Compliance portal
- Select Audit.
- Specify the date range for which you want to search for auditing entries.
- Under Record types, select Public Folder.
- Provide a meaningful search name and click on Search.
- The search results will appear, and you can also export them if needed.
- Searching Audit Logs for Compliance Mailboxes: To search mailbox audit logs for compliance mailboxes, you can use the Search-MailboxAuditLog cmdlet in Exchange PowerShell. Here’s an example:
Search-MailboxAuditLog -Identity "demo" -LogonTypes Admin,Delegate -StartDate 1/1/2018 -EndDate 12/31/2018 -ResultSize 2000
Replace "demo" with the actual mailbox identity and adjust the date range as needed Remember to ensure that you have the necessary permissions to run these commands.
Also there are a few reasons you might not be seeing results when trying to audit public folders and compliance mailboxes. Here's how to troubleshoot:
Public Folder Audits:
Native limitations: Unfortunately, native auditing for public folders in Exchange Server is limited. It doesn't track specific user actions like who moved or deleted emails. Here are some alternative approaches:
Third-party tools: Consider third-party auditing tools designed for Exchange servers. These can provide more granular tracking of public folder activity. Permission monitoring: Tighten permission controls on public folders. Restrict access and monitor who has editing or deletion privileges. Compliance Mailbox Audits:
Audit Logging Enabled: Double-check that mailbox audit logging is enabled for the specific compliance mailboxes you're interested in. You can usually manage this through the Exchange admin center or PowerShell.
Retention Period: Ensure the audit log retention period covers the timeframe you're searching for. Logs might be automatically purged after a set period (often 90 days in Exchange Online).
Search Filters: Refine your search filters within the audit logs. Specify relevant dates, user accounts, or mailbox activities to narrow down the results.
Here are some resources to help further:
Manage mailbox auditing: https://learn.microsoft.com/en-us/purview/audit-mailboxes Audit logs at email / user level on public folders (Exchange 2010): https://community.spiceworks.com/t/email-mailbox-for-public-folder-deleted/931256 (While this is for an older version, it might offer some insights) Additional Tips:
Contact your IT admin: If you're unsure about auditing configurations or have limited access, contact your IT administrator for assistance. Microsoft Documentation: Refer to the official Microsoft documentation for your specific version of Exchange for detailed instructions on enabling and searching audit logs.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 83%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENJ%3C/text%3E%3C/svg%3E)