<div>
Also the LogonUserDisplayName should be 'AdminJones' as an example
</div>


<div>
You can use the following command: <br />
<br />
Search-MailboxAuditLog -Identity nelson -LogonTypes Owner -StartDate (Get-Date).AddHours(-2) -ShowDetails | fl operation*,logonuserdispla<wbr />yname,sour<wbr />ceitemsubj<wbr />ect* | Export-CSV C:\AdminAuditLogResults.cs<wbr />v
</div>


<div>
my command as below:<br />
#Set-Mailbox -Identity “andy” -AuditOwner Create, SoftDelete, HardDelete, Update, Move, MoveToDeletedItems -AuditEnabled $true<br />
<br />
#Search-MailboxAuditLog -ShowDetails -Identity “andy” -LogonTypes owner<br />
<br />
#Search-MailboxAuditLog -Identity andy -LogonTypes Owner -StartDate (Get-Date).AddHours(-1) -ShowDetails<br />
<br />
#Search-MailboxAuditLog -Identity nelson -LogonTypes Owner -StartDate (Get-Date).AddHours(-2) -ShowDetails | fl operation*,logonuserdispla<wbr />yname,sour<wbr />ceitemsubj<wbr />ect* | Export-CSV C:\AdminAuditLogResults.cs<wbr />v
</div>


<div>
Saif,<br />
<br />
the mailboxes are already set for auditing. I need a way to output ALL the mailboxes into a csv...not just one at a time.
</div>


Messaging Consulting

Anthony K O365

<div>
What exactly will this do for me?
</div>


<div>
After looking at the command closer, this is what I was looking for!<br />
<br />
Thanks!!
</div>


<div>
<div class="content wysiwyg-content">
Need to search Audit log ALL mailboxes affected by an admin action on a particular date range... The csv Output should have the following columns: <br />
<br />
<br />
Search-MailboxAuditLog -Id &lt;&nbsp; &gt;&nbsp;-LogonTypes admin -ShowDetails -StartDate 11/23/2018 -EndDate 11/27/2018 | select logontype,lastaccessed,log<wbr />ondisplayn<wbr />ame,operat<wbr />ionresult,<wbr />operation,<wbr />logonUserd<wbr />isplayname<wbr />
</div>
</div>


Need to search Audit log ALL mailboxes affected by an admin action on a particular date range... The csv Output should have the following columns: 


Search-MailboxAuditLog -Id <  > -LogonTypes admin -ShowDetails -StartDate 11/23/2018 -EndDate 11/27/2018 | select logontype,lastaccessed,logondisplayname,operationresult,operation,logonUserdisplayname

Search Exchange 2016 Audit Logs

Exchange is the server side of a collaborative application product that is part of the Microsoft Server infrastructure. Exchange's major features include email, calendaring, contacts and tasks, support for mobile and web-based access to information, and support for data storage.