Configuring OneDrive Activity Monitoring
Note
Verify auditing is enabled which was listed in the prerequisites.
Activity Monitoring gathers events from applications to help control and audit resource access.
Activity Monitoring is automatically disabled. To enable it, set the Allow Activity Monitoring toggle to on.
Setting the Data Retention Period
Setting a data retention period allows the user to specify how long activities will be stored offline. Activities are available on the Activity Forensics screen for a default of 12 months. After the initial 12 months, the activity data is retained and available via a support ticket. You can set a retention period from between 1 month and 7 years. After the retention period is met, all activities will be deleted.
Example: If the data retention period in the application configuration is set to 18 months, the activities will be available in Data Access Security for the initial 6 months and then available by a support ticket for the 18 additional months, making it a total of 24 months.
Supported Event Types
- Access Request Approved
- Access Request Created
- AccessInvitationAccepted
- AccessRequestApproved
- Added To Group
- Added To Secure Link
- Anonymous Link Created
- AnonymousLinkRemoved
- AnonymousLinkUpdated
- AnonymousLinkUsed
- App Catalog SP Corporate Catalog Accessor Base Add
- App Catalog SP Tenant Corporate Catalog Accessor Sync Solution To Teams
- App Store Storefront Show App Details Page
- App Store Storefront Task Get Apps
- Client View Signaled
- Comment Created
- Comments Disabled
- Company Link Created
- Company Link Removed
- CompanyLinkUsed
- Device Access Policy Changed
- File Accessed
- File Accessed Extended
- File Check Out Discarded
- File Checked In
- File Checked Out
- File Copied
- File deleted
- File Deleted First Stage Recycle Bin
- File Downloaded
- File Modified
- File Modified Extended
- File Moved
- File Previewed
- File Recycled
- File Renamed
- File Uploaded
- FileDeletedFirstStageRecycleBin
- FileDeletedSecondStageRecycleBin
- Folder Accessed
- Folder Copied
- Folder Created
- Folder Deleted First Stage Recycle Bin
- Folder Modified
- Folder Moved
- Folder Recycled
- Folder Renamed
- Folder Restored
- FolderDeleted
- FolderDeletedFirstStageRecycleBin
- FolderDeletedSecondStageRecycleBin
- Group Added
- Group Removed
- Group Updated
- List Column Created
- List Column Updated
- List Created
- List Item Created
- List Item Updated
- List Item Viewed
- List Updated
- List View Created
- List View Updated
- List Viewed
- Page Prefetched
- Permission Level Added
- Removed From Group
- RemovedFromSecureLink
- Search Query Performed
- Secure Link Created
- SecureLinkCreated
- SecureLinkDeleted
- SecureLinkUsed
- SharedLinkCreated
- SharedLinkDisabled
- Sharing Inheritance Broken
- Sharing Inheritance Reset
- Sharing Invitation Created
- Sharing Policy Changed
- Sharing Revoked
- Sharing Set
- SharingInvitationAccepted
- SharingInvitationBlocked
- SharingInvitationCreated
- SharingInvitationUpdated
- SharingRevoked
- SharingSet
- SP Corporate Catalog App Metadata Deploy Skip Feature Deployment
- SP Corporate Catalog App Metadata Deploy With Feature Deployment
- Web Members Can Share Modified
- Web Request Access Modified
Documentation Feedback
Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.