Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2
Topic Last Modified: 2012-10-03
By using mailbox audit logging, you can track logons to a mailbox, and also track what actions are taken while the user is logged on. When you enable mailbox audit logging for a mailbox, some actions performed by administrators and delegates are logged by default. None of the actions performed by the mailbox owner are logged. To learn more about mailbox audit logging, see Understanding Mailbox Audit Logging.
Caution: |
---|
Auditing of mailbox owner actions can generate a large number of mailbox audit log entries. Therefore, this feature is disabled by default. We recommend that you enable auditing only of specific owner actions that are needed to meet business or security requirements. |
Note: |
---|
You can't use the Exchange Management Console (EMC) or the Exchange Control Panel (ECP) to enable or disable mailbox audit logging. |
Looking for other management tasks related to mailbox audit logging? Check out Managing Mailbox Audit Logging.
Use the Shell to enable or disable mailbox audit logging
You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "Mailbox audit logging" entry in the Messaging Policy and Compliance Permissions topic.
This example enables mailbox audit logging for Ben Smith's mailbox.
Copy Code | |
---|---|
Set-Mailbox -Identity "Ben Smith" -AuditEnabled $true |
This example disables mailbox audit logging for Ben Smith's mailbox.
Copy Code | |
---|---|
Set-Mailbox -Identity "Ben Smith" -AuditEnabled $false |
For detailed syntax and parameter information, see Set-Mailbox.
Use the Shell to specify logging settings for administrator, delegate, and owner access
You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "Mailbox audit logging" entry in the Messaging Policy and Compliance Permissions topic.
This example specifies that the SendAs
or
SendOnBehalf
actions performed by delegate users will
be logged for Ben Smith's mailbox.
Copy Code | |
---|---|
Set-Mailbox -Identity "Ben Smith" -AuditDelegate SendAs,SendOnBehalf -AuditEnabled $true |
This example specifies that the
MessageBind
and FolderBind
actions
performed by administrators will be logged for Ben Smith's
mailbox.
Note: |
---|
MessageBind and FolderBind actions are not logged for the default Calendar. |
Copy Code | |
---|---|
Set-Mailbox -Identity "Ben Smith" -AuditAdmin MessageBind,FolderBind -AuditEnabled $true |
This example specifies that the HardDelete
action performed by the mailbox owner will be logged for Ben
Smith's mailbox.
Copy Code | |
---|---|
Set-Mailbox -Identity "Ben Smith" -AuditOwner HardDelete -AuditEnabled $true |
For detailed syntax and parameter information, see Set-Mailbox.
Other Tasks
After you enable mailbox audit logging, you may also want to: