Log Forwarder

'Log Forwarder' option allows you to forward Office 365 audit logs to an external SIEM product or to a Syslog Server.

Forwarding Logs to Syslog Server:

Syslog is the event logging service in unix systems.You may also use this setting to forward to your SIEM's UDP or TCP receiver.

Configuring a Syslog Server:

Steps to enable Syslog Logging in Office 365 manager Plus:

Forwarding Office 365 Logs to an external SIEM product : Splunk HTTP

Steps to configure Splunk Http Event Collector:

Steps to configure O365 Manager Plus: