Turn On Auditing
This article describes how to turn on auditing in the Microsoft 365 Security & Compliance Center.
For SysKit Point to collect, process, and save audit logs, you must enable auditing in your tenant. The following warning message shows in SysKit Point if auditing is not enabled:
SysKit Point - Audit Error
You can use the SysKit Point app, but audit data won't be collected.
The Microsoft 365 Security Center opens, showing the Audit log search page. At the top of the screen, a blue button is available to turn on auditing.
Microsoft 365 Security Center - Start recording user and admin activity
After you click the button, a security dialog appears. Click Yes to continue.
Microsoft 365 Security Center - Security dialog
After you complete the steps described, wait for audit logs to show on the Audit Log Search page.