We are looking to implement security monitoring over Exchange 2010.
Some events we would like to monitor for are:
1. Mailbox Creation
2. Mailbox Deletion
3. Admins reading other users emails
4. Change of permissions to mailboxes.
Has anyone implemented this type of monitoring?
Does anyone know the event ID's associated with these events?
Is there a list somewhere of all event id's for Exchange 2010?
Thanks for the help