At the RSA conference in April 2015 there was an interesting announcement for some new security and compliance management APIs for Office 365.
Today there are numerous ways to get access to application logs. For instance:
- Office 365 Reporting web services - https://msdn.microsoft.com/en-us/library/office/jj984325.aspx
- Exchange Online Message Trace reports - https://technet.microsoft.com/en-us/library/exchange-online-reporting-features-and-troubleshooting-tools.aspx
- Exchange Online Mailbox Audit Logging and Administrator Audit Logging reports - https://technet.microsoft.com/en-us/library/exchange-online-reporting-features-and-troubleshooting-tools.aspx
- Exchange Online Protection (EOP) reporting - https://technet.microsoft.com/en-us/library/reporting-and-message-trace-in-eop.aspx
- SharePoint Online Auditing - https://technet.microsoft.com/en-us/library/b95d72bf-206f-4c26-a53d-ba61ff73605c#bkmk_Auditing
So what is changing?
These APIs are going to be consolidated to the “Office 365 Management Activity API” which will be a set of REST web services that can be a single point to get over 150 transaction types for SharePoint Online, Exchange Online, Azure AD, etc. I am really excited to this see this as today customers have to go to a lot of places to pull down this data.
Additionally in the announcement it was stated that the ISVs will building solutions on top of these APIs for customers. Here is the announcement - http://blogs.office.com/2015/04/21/announcing-the-new-office-365-management-activity-api-for-security-and-compliance-monitoring/
At the recent Ignite Conference (May 2015), more information about this was presented. Here is the video of that session - http://channel9.msdn.com/Events/Ignite/2015/BRK2180