To integrate Umbrella with Office365 for Cloud Malware scanning, the auditing of user events must be enabled in Office365 which may not be enabled by default. This article explains how to enable auditing in the Microsoft Compliance center.
For more information on the Cloud Malware feature please see the Umbrella Documentation.
Enable Audit Logging
- Visit https://compliance.microsoft.com using an Administrative account.
- Click on 'Audit'
- Select 'Start recording user and admin activity'
Note that it may take ~24 hours for auditing to begin working. For assistance with auditing please read the Microsoft Documentation or contact your MS support partner.
For the Cloud Malware Report to work auditing related to user / file activity must appear on the 'Audit' page. For example: