Alerts profiles
This document takes you through the steps to,
To add a new alert profile
- Go to the Settings tab.
- Select Configuration → Audit Configuration → Alert Profiles in the left pane.
- Click Add profile.
- In the profile configuration page,
- In the Filter section, the attribute Target refers to the object on which the action must be performed, and Caller refers to the object which performs the action.
- Macros are pre-defined keywords that auto-fill entries and can be used to customize mailers specific to the recipient.
- The audit report generated for the group will constitute all the members present in the group, at the time of view.
View an existing profile
- Go to the Settings tab.
- Select Configuration → Audit Configuration → Alert Profiles in the left pane.
- Click Search icon if you are looking for a specific alert.
- You can view alerts of a specific Microsoft 365 Service or/and Category by clicking the corresponding tab
- You can also view Enabled/Disabled alerts using the Filter option found at the top right corner of the table.
Modify an existing profile
- Go to the Settings tab.
- Select Configuration → Audit Configuration → Alert Profiles in the left pane.
- Select the checkbox corresponding to the alert that you wish to modify. You can select multiple alerts.
- Select Manage drop-down found at the left corner of the table.
- Click Enable icon under Actions column, if you wish to enable a disabled alert.
- Click Disable under Actions column, if you wish to disable an enabled alert.
- Click Edit under Actions column, to make any changes to the existing alert.
Delete an existing profile
- Go to the Settings tab.
- Select Configuration → Audit Configuration → Alert Profiles in the left pane.
- Click Delete, if you wish to remove an existing profile.You can perform bulk operations by choosing multiple profiles.
- Click on Alert Settings to delete alters older than days you specify.
Configure retention period for alerts
You need to configure the number of days for which the alert messages must be retained, for better disk space management. Once configured the alert messages older than the retention period will be automatically deleted.
- Go to the Settings tab.
- Choose Configuration → Audit Configuration → Alert Profiles from the left pane.
- In the page you see, select the Alert Settings option found in the top right corner.
- Select the Delete alerts older than check box, and provide the number of days for which the alert messages must be retained in the text box found.
Target Objects
These are objects on which mailbox login, delete modification and more such events can be performed. They are further classified as users and groups.Target users constitute all the Azure Active Directory user accounts. Target groups are the Active Directory groups.
Target Callers
These are objects who perform events like mailbox login, deletion, creation and much more on the Target Objects.
They are further classified as users and groups.Target users constitute all the Azure Active Directory user accounts. Target groups are the Active Directory groups.
Report Generation
When you want to generate a report, you can choose the corresponding users as well as groups and a cumulative report will be generated. For Target Groups, the report will be generated only for current group members.
For example, assume that mailbox 'A' has been delegated to user 'X' and 'Y'. In order to create a profile, which will report the non-owner accesses of mailbox "A", the Target Object will be Mailbox A and the Target Callers will be Users X and Y.
Don't see what you're looking for?
-
Visit our community
Post your questions in the forum.
-
Request additional resources
Send us your requirements.
-
Need implementation assistance?
Try onboarding