Share via

Use mail protection reports to view data about malware, spam, and rule detections in Exchange Online

  • Article
  • 06/24/2024

As an admin in Exchange Online or Exchange Online Protection (EOP), it's important for you to monitor how much spam and malware are being detected in your organization.

With the interactive mail protection reports in the Microsoft Defender portal, you can quickly get a visual report of summary data, and drill down into details about individual messages for the last 90 days.

Tip

For mail flow related reports, see Mail flow reports in the new Exchange admin center in Exchange Online.

Reports in the Microsoft Defender portal

In the Microsoft Defender portal at https://security.microsoft.com, go to Reports > Email & collaboration > Email & collaboration reports. Or, to go directly to the Email & collaboration reports page, use https://security.microsoft.com/emailandcollabreport

You need appropriate permissions to use the Microsoft Defender portal (for example, Security Administrator). For details, see Permissions in the Microsoft Defender portal.

Reporting overview

The following table describes the types of reports that are available, how to find them, and where to go to learn more.

Type of information Learn more
Email security reports: Malware, spam, spoofing, and other protection reports for all Exchange Online organizations. View email security reports in the Microsoft Defender portal
View Defender for Office 365 reports in the Microsoft Defender portal: Mail latency, threat protection, and other reports that are available to organizations with Defender for Office 365 (include in a subscription or as an add-on). View reports for Microsoft Defender for Office 365

Additional resources

Training

Module

Examine email protection in Microsoft 365 - Training

This module examines how Exchange Online Protection (EOP) protects organizations from phishing and spoofing. It also explores how EOP blocks spam, bulk email, and malware before they arrive in users’ mailboxes.

Certification

Microsoft Certified: Information Protection and Compliance Administrator Associate - Certifications

Demonstrate the fundamentals of data security, lifecycle management, information security, and compliance to protect a Microsoft 365 deployment.