This module uses the
Search-AdminAuditLog Exchange CmdLet under the hood. This can be used to retrieve Exchange Admin Audit Logs from Exchange Online or Exchange Server On-Premises. It uses pagination automatically so that it can retrieve any number of results.
The output can be saved as a pre-formatted HTML file with the option to send as email to specified recipients.
This module was tested with the following.
- Windows PowerShell 5.1
- Exchange Online (Office 365)
- Exchange Server 2016 (On-Premises).
- May work with Exchange 2013 and Exchange 2019.
- Remote PowerShell session must be established.
- Exchange Admin Audit Logging must be enabled. Otherwise, there will be no data to return.
How to Install
Option 1: Install from PSGallery
Install-Module ExCmdReport -Scope AllUsers
Option 2: Download from GitHub and install manually
Use this if you can’t install the module from PSGallery.
- Download or clone from the GitHub Repository.
- Extract the zip and run
Example 1: Get Admin Audit Log Entries
Example 2: Get Admin Audit Log Entries and Send Email Report
There are four functions included in this version. For details, follow the links below.