Go Up
You are here: DeploymentConfigure Netwrix Auditor Service AccountsData Collecting AccountFor Exchange Online Auditing

For Exchange Online Auditing

Before you start creating a monitoring plan to audit your Exchange Online organization, plan for the account that will be used for data collection – it should meet the requirements listed below. Then you will provide this account in the monitoring plan wizard.

To collect Activity Records only:

  • The account needs to be created as a Cloud-Only account.
  • To connect to Exchange Online, the account must be assigned the following Exchange admin roles:
    • Audit logs
    • Mail Recipients
    • View-Only Configuration

See Assigning Office 365 Management Roles for more information.

NOTE: Accounts with multi-factor authentication are not supported.

To collect State-in-Time data:

To collect State-in-Time data in your Exchange Online environment, Netwrix creates a dedicated cloud application. The account under which the application is created requires enhanced roles assignment. Later, you can remove roles from the account and perform ongoing State-in-Time data collection with regular roles.

To... Required Roles

Create cloud application

  • Application Administrator & Privileged Role Administrator

    OR

  • Cloud Application Administrator & Privileged Role Administrator

    OR

  • Global Admin

See Assigning Azure AD Administrative Roles for more information.

Collect State-in-Time data

Management Roles:

  • Mail Recipients
  • View Only Configuration
  • Audit Logs
  • Role Management
  • View-Only Recipient

One of the following Azure Active Directory roles:

  • Application Administrator

    OR

  • Cloud Application Administrator

See Assigning Office 365 Management Roles for more information.

Go Up