Syskit Point
Schedule a DemoStart a Free TrialContact UsProduct Site
  • Syskit Point
  • Releases
    • Syskit Point Cloud
      • June 10, 2025
      • June 05, 2025
      • May 27, 2025
      • May 13, 2025
      • May 06, 2025
      • April 29, 2025
      • April 22, 2025
      • April 08, 2025
      • April 01, 2025
      • March 25, 2025
      • March 18, 2025
      • March 11, 2025
      • March 04, 2025
      • February 25, 2025
      • February 18, 2025
      • February 11, 2025
      • February 06, 2025
      • January 28, 2025
      • January 22, 2025
      • January 14, 2025
      • January 02, 2025
      • December 17, 2024
      • December 10, 2024
      • December 03, 2024
      • November 26, 2024
      • November 19, 2024
      • November 05, 2024
      • October 29, 2024
      • October 22, 2024
      • October 15, 2024
      • October 08, 2024
      • October 01, 2024
      • September 24, 2024
      • September 18, 2024
      • September 02, 2024
      • August 26, 2024
      • August 20, 2024
      • August 12, 2024
      • August 06, 2024
      • July 29, 2024
      • July 23, 2024
      • July 02, 2024
      • June 18, 2024
      • June 04, 2024
      • May 21, 2024
      • May 09, 2024
      • April 23, 2024
      • April 9, 2024
      • March 26, 2024
      • March 12, 2024
      • February 22, 2024
      • February 06, 2024
      • January 19, 2024
      • January 18, 2024
      • December 19, 2023
      • November 30, 2023
      • November 15, 2023
      • November 2, 2023
      • November 2, 2023 - Announcement
      • October 17, 2023
      • October 3, 2023
      • September 21, 2023
      • September 14, 2023
      • September 7, 2023
      • August 23, 2023
      • August 9, 2023
      • July 26, 2023
      • July 12, 2023
      • May 16, 2023
    • Syskit Point Data Center
      • Syskit Point 2025.3
        • Syskit Point 2025.3.93
      • Syskit Point 2025.2
        • Syskit Point 2025.2.91
        • Syskit Point 2025.2.90
        • Syskit Point 2025.2.86
        • Syskit Point 2025.2.82
        • Syskit Point 2025.2.78
      • Syskit Point 2024.6
        • Syskit Point 2024.6.73
        • Syskit Point 2024.6.71
        • Syskit Point 2024.6.70
      • Syskit Point 2024.5
        • Syskit Point 2024.5.67
        • Syskit Point 2024.5.65
      • Syskit Point 2024.4
        • Syskit Point 2024.4.60
        • Syskit Point 2024.4.54
        • Syskit Point 2024.4.52
      • Syskit Point 2024.3
        • Syskit Point 2024.3.48
      • Syskit Point 2024.2
        • Syskit Point 2024.2.45
      • Syskit Point 2024.1
        • Syskit Point 2024.1.43
        • Syskit Point 2024.1.41
      • Syskit Point 2023.5
        • Syskit Point 2023.5.39
      • Syskit Point 2023.4
        • Syskit Point 2023.4.1
        • Syskit Point 2023.4.0
      • Syskit Point 2023.3
      • Syskit Point 2023.2
      • Syskit Point 2023.1
        • Syskit Point 2023.1.3
        • Syskit Point 2023.1.2
        • Syskit Point 2023.1.1
        • Syskit Point 2023.1.0
      • Syskit Point 2022.5
        • Syskit Point 2022.5.1
        • Syskit Point 2022.5.0
      • Syskit Point 2022.4
        • Syskit Point 2022.4.1
        • Syskit Point 2022.4.0
      • Syskit Point 2022.3
        • Syskit Point 2022.3.1
        • Syskit Point 2022.3.0
      • Syskit Point 2022.2
        • Syskit Point 2022.2.3
        • Syskit Point 2022.2.2
        • Syskit Point 2022.2.1
        • Syskit Point 2022.2.0
      • Syskit Point 2021.12
      • Syskit Point 2021.11
      • Syskit Point 2021.10
      • Syskit Point 20
      • Syskit Point 19
        • Syskit Point 19.0.2
        • Syskit Point 19.0.1
        • Syskit Point 19.0.0
  • Requirements
    • Permission Requirements
    • Change Log
  • Set Up Point Cloud
    • Overview
    • Free Trial
    • Free Trial Limits
    • Manage Syskit Point Subscriptions
  • Set Up Point Data Center
    • Deployment
      • Overview
      • System Requirements
      • Deploy Syskit Point
      • Connect to Microsoft 365 Tenant
      • Set Up Custom Domain and SSL Certificate
      • Upgrade Syskit Point
      • Azure Networking
    • Activation
      • Activate Syskit Point
      • Free Trial Data Center
  • Licensing & Activation
    • Licensed Users Count
    • Activation Privacy Statement
  • Get to Know Syskit Point
    • The Syskit Point Starter Kit
    • Navigate Through Syskit Point
    • Collect Microsoft 365 Data
  • Microsoft 365 Inventory
    • Microsoft 365 Inventory Overview
    • Explore Your Microsoft 365 Dashboard
    • Sites
    • Microsoft Teams & Groups
    • Users
    • Copilot Readiness
    • Power Platform Reports
  • Configuration
    • Syskit Point Configuration Guide
    • Assign and Manage Access to Syskit Point
    • Enable Microsoft Teams Activity Tracking
    • Configure Storage Management in Syskit Point
    • Set Up E-Mail
    • Connect Service Account
    • Customize Audit Logs Collection
    • Upgrade SQL to Managed Identity Authentication
    • Enable Power Platform Data Collection
    • Enable Power BI Data Collection
    • Ignore Service Account Activity Tracking
    • Customize License Reports
    • Customize E-Mails
    • Report Data Limits
    • Turn On Auditing
    • Exclude Users from Receiving Governance Tasks
    • Customize Dashboard
    • Customize Syskit Point Appearance
    • Configure Your Environment for Storage Management
    • Save Custom Views
    • Audit for Syskit Point Settings
    • Manage Connection
  • Reporting
    • Overview
    • External Sharing Reports
    • Access Reports
    • Audit Reports
    • Cleanup & Health Reports
    • Licenses Reports
    • Analytics Reports
    • Sensitivity Labels Reports
    • Power Platform Reports
    • Power BI Reports
  • Storage Management
    • Storage Management Overview
    • Free Up Storage
    • Storage Reports
    • Limit Storage Usage
    • Storage Versioning Limits
  • Governance & Automation
    • Syskit Point Tasks
    • Access Review
      • Enable Automated Access Review
      • Create and Apply Access Review Policies
      • Modify Access Review Options
      • Monitor Access Review in Syskit Point
      • Manually Request Access Review in Syskit Point
    • Lifecycle Management
      • Lifecycle Management - Deprecated
      • Identify Inactive Workspaces
      • Enable Lifecycle Management Automation
      • Monitor Lifecycle Management Tasks in Syskit Point
      • Run Lifecycle Management Actions in Syskit Point
    • Policies
      • Set Up Policies
      • Rules
      • Blocked Users with Assigned Licenses
      • Inactive Guest Users
      • Inactive Workspaces
      • Minimum Number of Owners
      • Maximum Number of Owners
      • Orphaned Workspaces
      • Orphaned Users
      • Tenant Storage Limit
      • Workspaces with Too Many Members
      • Workspaces with Shadow Users
      • Private Workspaces Shared with Everyone
      • Workspaces Without a Sensitivity Label
      • Apply Policies
      • Upgrade to Rules
    • Security and Compliance Checks
      • Security and Compliance Checks
      • Inactive Workspaces
      • Orphaned Workspaces
      • Inactive Guest Users
      • Blocked Users with Assigned Licenses
      • Workspaces with Not Enough Owners
      • Orphaned Users
      • Workspaces with Too Many Owners
      • Tenant Storage Limit
      • Workspaces with Too Many Members
      • Workspaces with Shadow Users
      • Private Workspaces Shared with Everyone
      • Workspaces Without a Sensitivity Label
    • Provisioning
      • Set Up Provisioning
      • Enable or Disable Provisioning
      • Register Yammer App
      • Enable Sensitivity Labels
      • Restrict Microsoft 365 Groups Creation
      • Templates
      • Content & Structure
      • Configure Provisioning Failure Notifications
      • Approval Processes
      • Approve/Reject Requests
      • Manage Requests
      • Hide Workspace Name
    • Access Requests
      • Set Up Access Requests
      • Create Access Requests
      • Apply Access Requests
      • Approval Process
    • Metadata
      • Manage Custom Metadata
      • Request Metadata Review
      • Monitor Metadata Review
    • Sensitivity Review
      • Request Sensitivity Review
      • Monitor Sensitivity Review
    • Privacy Review
      • Request Privacy Review
      • Monitor Privacy Review
    • Syskit Point Teams App
    • Schedule Reports
    • Configure Alerts
    • Manage Sensitivity Labels
  • Access Management
    • Track Microsoft 365 External Users and Their Activities
    • Check Access for Specific Microsoft 365 User
    • Copy User Permissions
    • Delete and Restore Users
    • View Permission Changes in Microsoft 365
    • Supervise Microsoft Teams Private Channels
    • Manage Private Channels Access
    • Complete Power Platform Actions
  • Integrations
    • Overview
    • Syskit Point API
    • Webhooks
    • Examples
      • Webhooks
      • ServiceNow
      • Jira
  • FAQ
    • Security
    • Security Self Assessment Questionnaire
    • Storage Management
    • Free Trial
    • Licensing
    • Activation
    • Purchasing and Discounts
    • Customer Terms
    • Privacy and Compliance
    • Partner Program
    • Site Storage Limits
    • Orphaned Users
    • Inactive Users Detection
    • Provisioning - Content & Structure
    • Multi-Geo
  • Troubleshooting
    • Export Diagnostic Logs
    • Setup Diagnostic Logs Export
    • Analytics and Usage Report Issues
  • Explore Syskit Point for Site Owners/Collaborators
    • Syskit Point for Collaborators
    • Resolve Governance Tasks
      • My Tasks
      • Complete Access Review Tasks
      • Complete Metadata Review Tasks
      • Complete Privacy Review Tasks
      • Complete Sensitivity Review Tasks
      • Resolve Inactive Workspaces Tasks
      • Resolve Lifecycle Management Tasks
      • Resolve Inactive Guest Users Tasks
      • Resolve Minimum Number of Owners Tasks
      • Resolve Maximum Number of Owners Tasks
      • Resolve Orphaned Workspaces Tasks
      • Resolve Tenant Storage Limit Task
    • Manage Access
      • Manage External Sharing
      • Manage Users
    • Manage Workspaces
      • Request New Workspace
      • Request Workspace Access
      • Manage Workspaces
      • Manage Custom Metadata
    • Reporting
      • Syskit Icons Glossary
      • Inventory Reports
      • Schedule Reports
      • Alerts
      • Cleanup & Health Reports
      • External Sharing Reports
      • Access Reports
Powered by GitBook
On this page
  • Alert Types and Categories
  • Tenant-Wide Alerts
  • Site-Specific Alerts
  • User-Specific Alerts
  • Enabling and Customizing Alerts
  • Alert E-mail
  • Editing Alerts
  • Alert Reports

Was this helpful?

  1. Governance & Automation

Configure Alerts

This article describes how to enable and customize alerts in Syskit Point.

PreviousSchedule ReportsNextManage Sensitivity Labels

Last updated 1 year ago

Was this helpful?

Alerts are available in the Security & Compliance plan and higher tiers. See the for more details.

Alerts feature in Syskit Point allows you to monitor events that are collected within Microsoft 365 audit logs.

Syskit Point Admins and Syskit Point Collaborators (site admins, Microsoft Teams and Microsoft 365 Group owners, and full control users) can configure alerts. Point Admins can manage all created alerts regardless of who created them.

You can enable alerts on the following screens:

  • Sites overview screen

  • Microsoft Teams & Groups overview screen

  • Users overview screen

You can enable alerts on the following scopes and objects:

  • Tenant-wide; to monitor events regardless of which site they come from or who caused them

  • Specific SharePoint site; to monitor events that occurred on the selected site; additionally, when exploring site content, you can define alerts on the following objects:

    • Subsite

    • Document library

    • Folder

    • Document

  • Specific user; to monitor events caused by a specific user

Alert Types and Categories

This section describes all alert types and lists all available alerts for each type.

Tenant-Wide Alerts

You can enable and configure tenant-wide alerts on the following overview screens:

  • Sites

  • Microsoft Teams & Groups

  • Users

The Configure Tenant Wide Alerts action (1) is available in the right-side panel on all of the listed screens.

Please note! Tenant-wide alerts available on the Sites overview screen and Microsoft Teams & Groups overview screen are identical because they monitor the same SharePoint events; therefore, changes on one screen will also be visible on the other.

The following tenant-wide alert categories and alerts are available for Microsoft Teams, Microsoft 365 Groups, OneDrive, and sites:

Alert Category
Alerts
Overview screen

External Collaboration

Shared File or Folder Externally

Sites, Microsoft Teams & Groups

Sharing Activities

Shared File or Folder, Shared With Everyone

Sites, Microsoft Teams & Groups

Site Administration Activities

Site Administrators Changed, Changed Sharing Policy, Created Site Collection, Deleted Site, Renamed Site

Sites, Microsoft Teams & Groups

Microsoft Teams Activities

Created Team, Deleted Team

Sites, Microsoft Teams & Groups

Privacy Changes

Changed Private Group to Public, Changed Private Team to Public

Sites, Microsoft Teams & Groups

Sensitivity Labels Changes

Changed Sensitivity Label on Site

Sites, Microsoft Teams & Groups

User Activities

User Logged in, User Login Failed, External User Logged in, External User Login Failed

Users

User & Role Administration Activities

Added User, Deleted User, Added User to Role, Removed User from Role

Users

Site-Specific Alerts

Site-specific alerts can be enabled from the following screens:

  • Sites overview screen by selecting a site

  • Microsoft Teams & Groups overview screen by selecting a Microsoft Team or a Microsoft 365 Group

  • Site details screen; as mentioned, you can configure alerts for specific SharePoint objects:

    • Subsite

    • Document library

    • Folder

    • Document

  • Microsoft Teams and Microsoft 365 Group details screen

The Configure Alerts action (1) is available in the right-side panel.

The following table shows the availability of alerts per scope:

Alert Category
Alerts
Workspace / Scope

External Collaboration

Shared File or Folder Externally, External User File Activity

Microsoft Teams, Microsoft 365 Groups, OneDrive, sites

Sharing Activities

Shared File or Folder, Shared With Everyone

Microsoft Teams, Microsoft 365 Groups, OneDrive, sites

Site Administration Activities

Site Administrators Changed, Added User or Group to SharePoint Group, Changed Sharing Policy, Deleted Site, Renamed Site, Created SharePoint Group, Deleted SharePoint Group, Updated SharePoint Group

Microsoft Teams, Microsoft 365 Groups, OneDrive, sites

File & Folder Activities

Accessed File, Checked In File, Checked Out File, Copied File, Detected Malware in File, Downloaded File, Moved File, Uploaded File, Created Folder, Changed File or Folder

Microsoft Teams, Microsoft 365 Groups, OneDrive, sites

SharePoint List Activities

Created List, Deleted List

Microsoft Teams, Microsoft 365 Groups, OneDrive, sites

Sensitivity Labels Changes

Changed Sensitivity Label on Site

Microsoft Teams, Microsoft 365 Groups, OneDrive, sites

Microsoft Teams & Groups Membership Changes

Added Member, Removed Member

Microsoft Teams, Microsoft 365 Groups

Privacy Changes

Changed Private Team/Group to Public

Microsoft Teams/Microsoft 365 Groups

Microsoft Teams Activities

Added Bot to Team, Removed Bot from Team, Added Channel, Deleted Channel, Added Connector, Updated Connector, Removed Connector, Added Tab, Updated Tab, Removed Tab, Deleted Team, Changed Team Settings, Changed Channel Settings

Microsoft Teams

User-Specific Alerts

User-specific alerts can be enabled on the following screens:

  • Users overview screen by selecting a user

  • User details screen

The Configure Alerts action (1) is available in the right-side panel.

The following alert categories and alerts are available for a specific user:

Alert Category
Alerts

User Activities

User Logged in, User Login Failed

Enabling and Customizing Alerts

Please note! The following section explains how to enable and customize an alert on a specific site. The same principles from this example also apply when dealing with alerts for other types of workspaces - Microsoft Teams, Microsoft 365 Groups, OneDrive, users, or SharePoint objects such as document libraries or folders.

To enable alerts for a specific site:

  • Navigate to the Sites overview screen

  • Select a site (1)

  • Click the Configure Alerts (2) link

The Configure Alerts dialog opens. Here, the following is available:

  • Alert categories (1)

  • Alerts (2) grouped by categories

    • Click the arrowhead next to the alert category to expand

  • Search (3)

  • Alert state toggle (4)

    • The toggle should turn purple when an alert is active

  • Alert options section (5)

    • This section is inactive until the alert is enabled

To enable and start editing an alert, switch the toggle next to the alert title (4).

After you enable the alert, the alert options section is activated. Here you can customize the alert options, which are separated into the following tabs:

  • Notifications (1)

  • Filters (2)

  • Event Type (3)

Please note! Tabs and filters are displayed depending on the selected alert. For example, the Event Type tab is only available on alerts that monitor multiple events.

Let's examine the options on each tab separately.

On the Notifications tab, you can:

  • Define email notification recipients (1); one or multiple options can be selected:

    • Site Owners

    • Syskit Point Administrators

    • Custom Recipients

      • Select a user from your Azure AD

  • Define notification limits (2)

    • Unlimited

      • Emails are sent regardless of how many alerts are triggered daily

    • Selected number

      • Emails are no longer sent after the alert is triggered more than a selected number of times

In the Filters tab, you can limit the alerts to be triggered only when:

  • Selected user(s) caused an event (1); the following filter options are available:

    • All Users

      • This is selected by default

    • External Users

    • Internal Users

    • Any of These

      • Additional selection of users is required

    • None of These

      • Additional selection of users is required

  • The action was performed on the selected user(s) (2); the following filter options are available:

    • All Users

      • This is selected by default

    • External Users

    • Internal Users

    • Any of These

      • Additional selection of users is required

    • None of These

      • Additional selection of users is required

  • Event has come from the selected IP or IP range (3); the following filter options are available:

    • Any IP Range

      • This is selected by default

    • Like Any of

      • Additional input of IPs / IP ranges is required

    • Equals None of

      • Additional input of IPs / IP ranges is required

In the Events tab, you can choose events for which Syskit Point will raise an alert. By default, all events are selected. Click the checkbox to ignore the event.

Alert E-mail

When Syskit Point collects audit logs, if there is an event you decided to monitor by enabling an alert, an e-mail is sent to defined recipients.

The picture below is an example of such an e-mail. Click the View Alerts Details link to access the Alert details screen in Syskit Point.

Editing Alerts

The Edit Alert action is available on two screens - Alerts overview screen and Alert Details.

You can edit all alerts on overview screens where you initially enabled them - both tenant-wide, and site-wide or user-specific alerts.

Alert Reports

When you log into Syskit Point as Point admin, you can find the Alerts button by clicking your profile in the top right corner of the screen.

Click the button to open the Alerts report. Here, you can see all alerts that are currently enabled.

On the Alerts overview screen, you can:

  • Switch the view between alert and scope (1)

  • Select additional columns in the column chooser (2)

  • Find two actions - Disable Alert and Edit Alert (3) when you select a single row

Disable alert action allows selecting multiple rows.

When you haven't selected anything on the screen, an Add Alert (2) action is visible in the side panel. With this, you can define tenant-wide alerts for sites.

Here is also a link to the Alerts History (1) screen, which shows all triggered alerts in your environment.

On the Alerts History screen, you can:

  • Select one or multiple rows and mark alerts as resolved, and write a comment (1)

  • Open details screen for a single alert (2)

Alert Details screen allows you to see additional information about the alert. Here you can:

  • Mark alert as resolved (1)

  • Edit settings for the alert (2)

  • Expand the More Details (3) section - here, all audit logs related to this alert are listed

  • Export both sections - triggered alerts and alert audit details (4)

Hint! When you open the Notifications dropdown from the user profile menu, you can:

  • Click the View Details link (1) to open the Alert Details screen for a specific alert

  • Click the View All Alerts link (2) to open the Alerts History screen

pricing page
Sites - Configure Tenant Wide Alerts action
Sites - Configure Alerts action
Users - Configure Alerts action
Sites overview screen - Configure Alerts action
Configure Alerts dialog
Configure Alerts - Tabs
Configure Alerts - Notifications tab
Configure Alerts - Filters tab
Configure Alerts - Events tab
Alert E-mail
Edit Alert dialog
Home screen - Alerts tile
Alerts overview screen
Alerts Overview screen – no row selection
Alerts History screen
Alert Details screen
Notifications dropdown