Send Audit Logs to Office 365 Security and Compliance Center

Enable Options for Sending Audit Logs

Question

You need to send your organization's audit logs to the Office 365 Security and Compliance center.

Please select the two options you should enable to achieve your goal.

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D. E.

Correct Answers: B and E

Power Platform admin center provides the options for the Audit Settings: Start Auditing - enables and disables the auditing service for the entire organization.

Log access - tracks the users' access to the environment.

Read logs - sends logs to the Office 365 Security and Compliance center.

You need to enable Start Auditing (Number 3) and Read logs (Number 4) options in Audit settings (Number1) from the Environments/Settings menu (Number 1).

Power Platform admin center

| & Environments & Environments > C / (default) > Settings > Audit settings @
\ Analytics Vv .
Auditing
ER Resources “ Manage logging for Common Data Service data

@ GZ start Auditing

| Log access
Dynamics 365 a|
, we (4) EZ Read logs

Portals

Capacity

@ Help + support Additional Audit Settings C7 ©

€, Data integration
@® Data (preview)
© Data policies

G Admin centers v

All other options are incorrect.

For more information about Power Platform Audit services, please visit the below URLs:

To send your organization's audit logs to the Office 365 Security and Compliance center, you need to enable two options: "Start Auditing" and "Log Access."

Here's a detailed explanation of why these options need to be enabled:

  1. Start Auditing: Enabling auditing is the first step in capturing the audit logs. You must enable auditing on the specific entities or objects for which you want to capture the audit logs. For example, if you want to capture audit logs for all activities on the "Accounts" entity in Dynamics 365, you must enable auditing for the "Accounts" entity. This can be done from the entity settings page in the Power Platform admin center.

  2. Log Access: Once auditing is enabled for an entity, the audit logs are captured when users perform activities on that entity. However, to send these logs to the Office 365 Security and Compliance center, you must enable the "Log Access" option. This option allows the Office 365 Security and Compliance center to access the audit logs that are captured for the enabled entities.

Therefore, both options "Start Auditing" and "Log Access" need to be enabled to capture and send the audit logs to the Office 365 Security and Compliance center.

Options C and D, "Table auditing property" and "Field auditing property," are not relevant to this scenario. These options are used to enable auditing for specific tables and fields in a database, respectively.

Option B, "Read Logs," is also not relevant to this scenario. This option is used to grant users access to read audit logs, but it does not enable the capture or sending of the logs.

I hope this explanation helps!