Hello, I want to enable Microsoft Exchange 2012 Audit Events (unauthorized access: Unauthorized person assigns mailbox, forwarded mail and other type of changes. Also when there is a several connections on the same mailbox at the same time).
As I know there is other vendors application called LOGbinder which can retrive these logs from Exchange, and this app can be added as Data Source to SIEM.
But I want do it without this app.
How enable this type of audit on Exchange
How send these logs (maybe with McAfee Collector) to Receiver?
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.