Learn more about viewing the administrator audit log

[Cette rubrique est une documentation préliminaire et peut être modifiée dans les versions ultérieures. Des rubriques vides sont incluses comme espaces réservés. N’hésitez pas à nous transmettre vos commentaires. Envoyez-nous un e-mail à l’adresse ExchangeHelpFeedback@microsoft.com.]  

S’applique à :Exchange Online, Exchange Server 2013

Administrator audit logging records specific actions performed by administrators and users who have been assigned administrative privileges. Any action that is based on an Exchange Management Shell cmdlet and doesn't begin with the verbs Get, Search, or Test is logged in the administrator audit log. That means that whenever an administrator performs an action that creates, modifies, or deletes an object, the action is logged in the administrator audit log.

You can use the EAC to search for and view entries from the administrator audit log. Log entries provide you with information about what cmdlet was run, which parameters were used, who ran the cmdlet, and what objects were affected. Up to 1000 entries will be displayed on multiple pages. To narrow the search, you can specify a date range. You can sort entries based on the cmdlet that ran, the date when the cmdlet ran, or the user who ran the cmdlet.