Safetica CASB - activating audit of file activity in Microsoft Office 365

Safetica CASB enables you to audit the most important file activity in your Microsoft Office 365 applications. In this article you will learn how to activate and use this feature.

📝 Note: Information in this article applies to Safetica ONE 10 or older.


With release of Safetica 10.3.165 capabilities of Safetica CASB extend to monitoring of file activity in Microsoft Sharepoint and OneDrive. To have a good understanding of the mechanics of this integration, we recommend reading article Introducing Safetica CASB for data protection in Microsoft 365.

⚠️ Caution: To ensure proper functioning of file activity audit using Safetica CASB, you first need to turn on the audit logs feature in Microsoft Compliance portal.

  1. Visit compliance.microsoft.com with Global Administrator permissions. Click on the Show All link in left menu and then on Audit.

  2. Here, click on Start recording user and admin activity button and wait for it to complete. If you can't see this button, the auditing is already turned on.

    Frame 725

  3. Log in to Safetica Management Console and navigate to Maintenance > Integration settings > Office 365 Integration.
  4. Set the toggle Audit and log Office 365 file operations and then Switch to new Office 365 integration to Yes and save the changes.

    Frame 726-1

  5. An Azure tenant sign-in window will appear requesting you to log in and consent with providing necessary permissions to Safetica. Learn more about the requested permissions here.

📝 Note: Safetica does not have ability to store or read your O365 admin credentials.


After this step, the file audit of your Office 365 data will be activated. You can find the related logs in Websafetica under Data Security > Office 365.

Frame 726