Back to blog

Exciting new report: Teams Audit Events

28 Feb 2018 by Doug Davis

Is your organization on Microsoft Teams yet? The chat-based collaboration platform is becoming the ‘go-to’ application for conducting online meetings, and communicating via IM and group channels, with threaded chat, file sharing, and more.

Microsoft Teams is under seemingly constant development, with new features, improvements and fixes appearing frequently. This focus on growth and development, combined with the very recent news that Microsoft might be developing a ‘free’ version of Teams, and the not-so-recent news that Teams will eventually replace Skype for Business Online, it’s clear that the service isn’t going anywhere. Microsoft appear to be doing everything they can to create an indispensable, integrated, all-encompassing service, and embed it into every organization’s daily routine and activities.

That said, Teams is still relatively new, and while the collaboration benefits it offers are exciting, it is understandable that many admins might be wary about ‘switching it on’ and rolling it out across their tenant. Here at Quadrotech, we’ve had a very positive experience with the service, but after using Teams for almost 5 months now, we also know that it’s important that Teams is managed carefully – to ensure that the service remains productive, easy to use, and beneficial for your users. The alternative? Like any poorly-managed platform, it becomes a cluttered mess that’s difficult to navigate, search, use, and (most importantly) control.

Adoption and Usage

Like the rest of Office 365, it’s important to review adoption and usage carefully, to understand how your users are interacting with Teams, identify any trends, and ensure that you know exactly what’s happening in the platform. This is crucial from both a productivity, and security perspective.


As we mentioned before, Teams will be replacing Skype for Business Online (no solid dates given for this yet), so the sooner you’re able to start phasing out Skype, and introducing Teams the better. Transitions takes time, people like what they know, and there are still some quirks and functionality differences in Teams that could make users reluctant. Say, you’ve introduced Teams to your organization, onboarded departments gradually, provided some training, how do you measure user responsiveness? You need to be able to see usage trends, admin activities (like setting up groups, adding members), and the number of activities aggregated – and then perhaps track it against Skype for Business usage trends. Without information like this, it is very difficult to know whether your transition efforts are working.


If Teams is to become a part of your organization’s collaboration and productivity methods it will inevitably begin to hold important, sensitive, and confidential information. This means that private groups and the content within them needs to be protected, and all activity on the platform needs to be auditable. It is important that any issues or incidents can be identified, traced, and investigated promptly.

For example, it’s likely that you may have more than one admin for your Teams environment. What if you suddenly notice that the member role has been changed for 60 people across your organization, or that another admin has deleted an important Team when they shouldn’t have. Without more information, it is difficult to identify when these actions took place, and by whom, making it almost impossible to find out why. This is where our new report comes in.

The Teams Audit Events report in Radar for Security & Audit allows you to focus quickly and efficiently on audit events related to the Teams workload, with a customizable pre-configured filter. Audit event types captured here include: new Teams being added, members being added, or their roles being updated, Teams sessions being started, and various other administrative Teams activities.From the timeline, you can see all Teams events for the date range specified, who initiated those events, and when. Use this to both see general trends in Teams activities and also to focus on events of particular interest. You can expand the event to see more details and associated metadata.Like all our audit reports, advanced filters can be applied, and saved for your convenience. The reports themselves can be saved, scheduled. Finally, you can also configure email or SMS alerts to be triggered on specific events – meaning that you can keep a close eye on relevant activity, without having to constantly check back on the reports.

Interested in more Teams reports?

We will be releasing a number of Teams reports across Radar Reporting over the coming weeks – so make sure you check back for more details of these. Remember, once released our reports are available immediately. All you have to do is log into the application, and you can try them out straight away!

Not yet using Radar Reporting? If you want to see what how advanced Office 365 activity reporting and analytics can help you better understand and protect your environment, why not take a free 14-day trial?