Before you start creating a monitoring plan to audit your Exchange Online organization, plan for the account that will be used for data collection – it should meet the requirements listed below. Then you will provide this account in the monitoring plan wizard.
In the Cloud:
- The account needs to be created as a Cloud-Only account.
- To connect to Exchange Online, the account must be assigned the following Exchange admin roles:
- Audit logs
- Mail Recipients
- View-Only Configuration
NOTE: Accounts with multi-factor authentication are not supported.