Author Archives: Vasil Michev

Microsoft to retire SCC’s eDiscovery experience after 30 October 2020

The Security and Compliance Center (also known by its old Protection Center name) in Office 365 has always been a strange beast, a hot mess that kept on growing for years without a clear idea. Different functionalities kept getting added, … Continue reading

Posted in Microsoft 365, Office 365 | Leave a comment

Listing all custom attributes in Office 365

While investigating a potential issue with one of our products, the question of whether any object within our AD/Azure AD has any of the customattributeXX populated popped up. Now, listing these for a given user/mailbox or a set of users … Continue reading

Posted in Exchange Online, Office 365, PowerShell | Leave a comment

Accessing audit events for Microsoft 365 Group mailboxes

As a follow up to one of my previous posts, here’s the *supported* method of querying audit events for Office 365/Microsoft 365 Group mailboxes. In a nutshell, you should use the unified audit log instead of the good old Search-MailboxAuditLog … Continue reading

Posted in Exchange Online, Microsoft 365, Office 365, PowerShell | Leave a comment

Azure AD Sign-in logs for service principals and other recent improvements

The Azure AD sign-in logs are an indispensable tool for troubleshooting and investigating security-related incidents. For years they had a major flaw though – no records were being generated for any login made by using the client credentials grant flow. … Continue reading

Posted in Azure AD, Microsoft 365, Office 365 | Leave a comment

New reports layout and new Forms report in the Microsoft 365 Admin Center

While doing some fact-checking against the reports page within the Microsoft 365 Admin Center earlier today, I noticed that we now have a new layout for it, as showcased below: Front and center, we have the Active users report in … Continue reading

Posted in Microsoft 365 | Leave a comment