Check Login Activity/History in Microsoft Office 365

Cloud-based working offers many advantages including collaboration, flexibility, and reduced costs, but it also comes with potentially serious security threats. It is essential, therefore, to have proper controls in place to protect the privacy and integrity of the data you store in the cloud for your own security and to comply with regulatory controls.

To ensure continuous security and compliance with Microsoft 365, you need the same level of control as you do over your on-premises systems. Tracking Microsoft 365 login activity is therefore crucial to reduce risk and mitigate damage.

The native Azure (AD) audit logs record all logon events, but the entries are not easy to filter leaving you with a large volume of information to process manually.

In addition to the monitoring of Office 365 login history, it will also be necessary to store and access your Microsoft 365 login audit trail for several years. Using the native reports, you can only track activity for short periods of time meaning that if you don’t want to lose visibility into login activity, you have to constantly export data and store it.

A more straightforward solution to this native approach is to use the Lepide Auditor for Office 365. This Solution enables you to generate reports of both successful and failed attempts to login to Azure AD. Trusted locations can be filtered out to display only the information you are looking for, providing an efficient way to monitor Azure AD logons. And log files can be kept indefinitely meaning that you do not have to keep exporting and storing your data.

Here are two ways to detect logons in Azure AD and they are described below.

1. Using the Microsoft 365 Admin Center
2. Using the Lepide Auditor for Office 365