Avatar of Pau Lo
Pau Lo
 asked on

security roles office365

is there a specific security role in office365 which would allow our risk team to run message trace requests and also have complete unrestricted to the various audit logs, such as the unified audit log. e.g. that mentioned in here:


it would be also useful to identify the current auditing settings, e.g. what is and what is not being captured, so identifying
ExchangeMicrosoft 365Email Servers

Avatar of undefined
Last Comment
Vasil Michev (MVP)

8/22/2022 - Mon
Vasil Michev (MVP)

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Pau Lo

Ok thanks. Is there a lower privelege role that can run message traces so we could combine the two?
Pau Lo

which specific systems is the unified audit log  querying ?
Vasil Michev (MVP)

The unified audit log is querying data across all O365 workloads, thus the name. As for message trace, you could do with the Exchange-specific View-Only Recipients role.
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.