Click here to watch this video on YouTube.

The Reports tab in the Office 365 Compliance Center contains a variety of rich information sources for administrators. There you’ll find reports on Exchange, Azure AD, and a variety of activities across Office 365 services.

Activity reports show actions like view, create, edit, upload, download, and delete, taken on a file or folder level in OneDrive for Business and SharePoint. These reports will also show sharing actions on files and folders such as invitation and access requests. If you need to report on this kind of information, perhaps during an information audit or an investigation into malicious activity, you can pull it from these reports in the Compliance Center.

Before getting started, ensure that you’ve already begun logging user and admin activity.

1. From the admin center, select Compliance under Admin.
2. Click on Reports.
3. Click the Office 365 audit log link.
4. Refine your criteria using the Show results for all activities drop-down menu, date range fields, users field (leave blank to show all users), and file/folder/site name field (include all or partial of a name, or none).
5. Click Search.
6. Optionally, export the data to a CSV file.

Note that activity history is only retained for 90 days. For more information on the audit log, see this support post.