Most of you are using cloud services in your IT environments today, living in and managing a hybrid world.
With the release of ARM 9.1 we already have taken this into consideration by complementing the existing access rights permission visibility into Active Directory, Exchange, and file servers by Microsoft® OneDrive and Microsoft® SharePoint Online.
Now with ARM 9.2 we round off our function set by introducing the ability to collect events from Microsoft® OneDrive and SharePoint Online allowing you to gain also visibility in activities within these platforms.
In addition to the functionality above, a lot of work was done under the hood to lay the foundation for coming features we will make available in the next releases.
What’s New in Access Rights Manager 9.2?
- Microsoft OneDrive and SharePoint Online monitoring - Administrators need to be aware about certain events in their OneDrive and SharePoint Online infrastructure. ARM now enables the Administrator to retrieve events from the O365 environment and analyze them in reports.
- UI - Design and layout optimizations to complete the SolarWinds look and feel.
- Defect fixes - as with any release, we addressed product defects.
The SolarWinds product team is excited to make these features available to you. We hope you enjoy them.
Of course, please be sure to create new feature requests for any additional functionality you would like to see with ARM in general.
To help get you going quickly with this new version, below is a quick walk-through of the new monitoring capabilities for Microsoft® OneDrive and Microsoft® SharePoint Online.
Identify ACCESS to shared directories and files on OneDrive
OneDrive is an easy tool to let your employees share resources with each other and/or external users. ARM makes it easy for you to check which files an employee has shared internally or externally, and who actually accessed these.
Now let’s take a look how we can use OneDrive monitoring to answer the question “with whom outside the company do we share documents and files?” ARM allows you to easily generate a report for this.
1. Navigate to the Start screen in the ARM rich client and click on “OneDrive Logga Report” in the Security Monitoring section.
The configuration for the “OneDrive Logga Report“ opens.
2. Provide a title and comment that will be shown at the beginning of the report (optional). Select the time period analyzed for this report.
3. Click into “OneDrive Resources”
4. Select the target resources on the right side for this report by double clicking.
5. Click into “Operations”
6. As we are interested in who has shared the resources when and also if/what external users have accessed it we select the “AnonymousLinkCreated” and “AnonymousLinkUsed” operations on the right side for this report by double clicking.
7. Click on “Start” to create this report manually.
8. Click on “Show report” to view the report.
In the report created you get the information of who has invited external users when to access internal resources and if any external users have accessed these from what IP address.
Note: You can schedule this report to be sent periodically to your mailbox to stay on top what’s happening.
In the same way you can generate reports about the more than 180 other events available in SharePoint Online and OneDrive. Just follow the outlined steps and adapt in step 6 the operations to the ones you are interested in.
Other interesting events you might want to have a look at are file and folder related operations like FileDeleted/FolderDeleted or FileMoved/FolderMoved helping you with one of the classic use cases if employees complain about their disappearing files and folders.
On a side note, file/folder events on file servers are also captured in our monitoring and are available through the file server reports.
I hope that this quick summary gives you a good understanding of the new features in ARM and how you can utilize ARM to get better visibility and control over your hybrid IT environment.