Configuring Exchange Servers for Exchange Auditing


 

Diagnostic Logging should be configured in Exchange Servers to gain access to Mailbox Logon reports. Upon configuration, the mailbox logon events are recorded in the ′Application Log′ in ′Event Viewer′and further used for generating Mailbox Logon reports. This topic explains the procedure to set the Diagnostic Logging levels using the Exchange Management Shell and Exchange Management Console.

 

For Exchange Server 2003

For Exchange Server 2007 and 2010

Use Exchange System Manager to configure Exchange Server 2003

Configuring Diagnostic logging On Exchange Server 2003

 

On configuring, all the available data from the event logs will be fetched.
If there is no data in the event logs, please wait for the desired audit event and event collection to happen.

 

Use Exchange Management Shell to configure Exchange Server 2007 and 2010

        Set-EventLogLevel "MSExchangeIS\9000 Private\Logons" –Level Expert

 

On configuring, all the available data from the event logs will be fetched.
If there is no data in the event logs, please wait for the desired audit event and event collection to happen.

 

(OR)

Use Exchange Management Console to configure Exchange Server 2007 and 2010

  • In Exchange Server 2007, Exchange Management Console can be used for SP2 or later. For SP1 and earlier versions, use the Exchange Management Shell.

  • On configuring, all the available data from the event logs will be fetched.
    If there is no data in the event logs, please wait for the desired audit event and event collection to happen.

Copyright © 2019, ZOHO Corp. All Rights Reserved.
ManageEngine
Get download link