SharePoint Online: Find Permission Changes using Audit Reports

Requirement: Get all permission changes in a SharePoint Online site collection.

Auditing permission changes is critical for SharePoint Online security. Audit reports provides permission changes report to track changes to security such as modifications to permissions, permission inheritance, group membership and security related events.

Step 1: Activate "Reporting" feature for the Site Collection
Activate "Reporting" feature if its not activated already.
  • Navigate to "Site Settings" >> Under "Site Collection Administration", Click on "Site collection features"
  • Click on "Activate" button next to "Reporting" 

Step 2: Configure Audit Settings for Permission Changes
The next step is to enable security changes flag for auditing. Here is how to enable audit for permission changes in SharePoint Online:
  • Create a new document library to store audit logs
  • Go to "Site Settings" >> Click on "Site collection audit settings" >> Enable "Editing Users and Permissions" events to audit under the "List Libraries and Sites" settings.
    audit permission changes in sharepoint online

Step 3: View Audit Logs
To view all audit logs of security changes, 
  • Go to "Site Settings" >> Click on "Audit log reports" under "Site Collection Administration"
  • Click on the "Security Settings" report to view all permission changes made in your SharePoint Online site collection
  • Specify the report location and Click on "OK" to run the report.
    sharepoint online security audit
SharePoint Online: Find Permission Changes using Audit Reports SharePoint Online: Find Permission Changes using Audit Reports Reviewed by Salaudeen Rajack on June 15, 2018 Rating: 5

No comments:

Please Login and comment to get your questions answered!

Powered by Blogger.