Export (0) Print
Expand All
0 out of 1 rated this helpful - Rate this topic

Enable or Disable Mailbox Audit Logging for a Mailbox

Exchange 2010
 

Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2

Topic Last Modified: 2012-10-03

By using mailbox audit logging, you can track logons to a mailbox, and also track what actions are taken while the user is logged on. When you enable mailbox audit logging for a mailbox, some actions performed by administrators and delegates are logged by default. None of the actions performed by the mailbox owner are logged. To learn more about mailbox audit logging, see Understanding Mailbox Audit Logging.

CautionCaution:
Auditing of mailbox owner actions can generate a large number of mailbox audit log entries. Therefore, this feature is disabled by default. We recommend that you enable auditing only of specific owner actions that are needed to meet business or security requirements.
noteNote:
You can't use the Exchange Management Console (EMC) or the Exchange Control Panel (ECP) to enable or disable mailbox audit logging.

Looking for other management tasks related to mailbox audit logging? Check out Managing Mailbox Audit Logging.

You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "Mailbox audit logging" entry in the Messaging Policy and Compliance Permissions topic.

This example enables mailbox audit logging for Ben Smith's mailbox.

Set-Mailbox -Identity "Ben Smith" -AuditEnabled $true

This example disables mailbox audit logging for Ben Smith's mailbox.

Set-Mailbox -Identity "Ben Smith" -AuditEnabled $false

For detailed syntax and parameter information, see Set-Mailbox.

You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "Mailbox audit logging" entry in the Messaging Policy and Compliance Permissions topic.

This example specifies that the SendAs or SendOnBehalf actions performed by delegate users will be logged for Ben Smith's mailbox.

Set-Mailbox -Identity "Ben Smith" -AuditDelegate SendAs,SendOnBehalf -AuditEnabled $true

This example specifies that the MessageBind and FolderBind actions performed by administrators will be logged for Ben Smith's mailbox.

noteNote:
MessageBind and FolderBind actions are not logged for the default Calendar.
Set-Mailbox -Identity "Ben Smith" -AuditAdmin MessageBind,FolderBind -AuditEnabled $true

This example specifies that the HardDelete action performed by the mailbox owner will be logged for Ben Smith's mailbox.

Set-Mailbox -Identity "Ben Smith" -AuditOwner HardDelete -AuditEnabled $true

For detailed syntax and parameter information, see Set-Mailbox.

After you enable mailbox audit logging, you may also want to:

 © 2010 Microsoft Corporation. All rights reserved.
Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.