One of my favorite scripts is Mike Pfeiffer Administrator Audit Log Reports in HTML Format script which allows you go get a daily HTML report via email of all the changes that we made on your on-premises environment.
This is actually a great way to monitor you environment, not specifically to blame someone if he something went wrong, but in case there are issues or human error, it allow you to look back in the history and see what changes were made any by who.
Office 365 Challenge
I was wondering to myself, how complicated would it be to use the same script , but make it work on Office 365 Exchange Online environment so we can get the same level of reporting and auditing changes, but on Exchange Online.
I’ve asked Mike for permission to take his script and together with Yoav Barzilay we modified it a bit, and we proudly presenting you with Get-ExchangeOnlineAuditReport, the same functionally but for Office 365 Environment 
We’ve included the Exchange Online connectivity in the tool and also had some additional options such as including Proxy if you have any and also be able to load credentials directly from the credential manager instead of putting it hardcoded in the script exposes to all.
Download:
Prerequisites:
1. Creating a Generic Credential under the Credential Manager > Windows Credentials. The name appears in the “Internet or network address” is the name of the parameter of $TenantCredentialKey
2. Having an internal/external SMTP server that can relay your email messages, in case you don’t provide email parameters there will be a daily HTML file being put under the %TEMP% folder so you can access it manually.
Usage:
1. Creating an HTML file with the report under the %temp% folder
.Get-ExchangeOnlineAuditReport.ps1 –TenantCredentialKey
2. Sending the Report VIA email (can be used in a scheduled task as well):
.Get-ExchangeOnlineAuditReport.ps1 –TenantCredentialKey -to
[email protected] -from [email protected] –smtpserver
3. Sending the Report VIA email (can be used in a scheduled task as well) while having Proxy enabled on the server:
.Get-ExchangeOnlineAuditReport.ps1 –TenantCredentialKey -to
[email protected] -from [email protected] –smtpserver –ExchangeOnlineWithProxy
Task Scheduler:
Just create a simple task with the following lines as the commands and make sure you run it with highest privileges:
1. Creating a daily HTML report in the %TEMP% Folder:
Powershell.exe -command “& ‘C:ScriptsGet-ExchangeOnlineAuditReport.ps1’ -TenantCredentialKey ””
2. Creating a daily HTML report being sent via email:
Powershell.exe -command “& ‘C:ScriptsGet-ExchangeOnlineAuditReport.ps1’ -TenantCredentialKey ” -To <[email protected]> -From <[email protected]> -SmtpServer “
3. Creating a daily HTML report being sent via email when Proxy is configured:
Powershell.exe -command “& ‘C:ScriptsGet-ExchangeOnlineAuditReport.ps1’ -TenantCredentialKey ” -To <[email protected]> -From <[email protected]> -SmtpServer -ExchangeOnlineWithProxy”
