Tenant auditors use the Tenant Auditor policy.
As a tenant auditor, you can use the Audit section of the Administration console to retrieve up to 30 days of logs. You can filter the events listed to show events that occurred:
- Between two specific dates
- In the last hour
- In the last 2 hours
- In the last 24 hours
- In the last 72 hours
- In the last week
You can view these events for either your user activity or in Bring Your Own Key (BYOK), if your organization uses it.
You can also use the Audit API to obtain audit events.
Note: Your organization must be licensed for the Audit feature to make use of the tenant auditor role. If you do not have Audit enabled, you can view and assign the tenant auditor role. Tenant auditors have no authorizations until Audit is enabled.