Links

Turn On Auditing

This article describes how to turn on auditing in the Microsoft 365 Security & Compliance Center.
For SysKit Point to collect, process, and save audit logs, you must enable auditing in your tenant. The following warning message shows in SysKit Point if auditing is not enabled:
SysKit Point - Audit Error
You can use the SysKit Point app, but audit data won't be collected.
First, open the following URL: https://security.microsoft.com/auditlogsearch
The Microsoft 365 Security Center opens, showing the Audit log search page. At the top of the screen, a blue button is available to turn on auditing.
Microsoft 365 Security Center - Start recording user and admin activity
After you click the button, a security dialog appears. Click Yes to continue.
Microsoft 365 Security Center - Security dialog
After you complete the steps described, wait for audit logs to show on the Audit Log Search page.
Please note! SysKit Point will not collect audit log data before it becomes available in the Microsoft 365 Security Center. It can take up to 24 hours for audit log data to become available.
Hint! You can also use PowerShell to turn on auditing. Find detailed instructions on how to do so in the following article.