Hi!
I need help with admin audit log.
Making "Admin Audit Log Report" using EAC shows nothing, regardless of specified parameters. At the same time running (as the same user) PowerShell cmdlet Search-AdminAuditLog shows all log entries correctly.
Running Get-AdminAuditLogConfig returns result:
RunspaceId : xxxxxxx AdminAuditLogEnabled : True LogLevel : Verbose TestCmdletLoggingEnabled : False AdminAuditLogCmdlets : {*} AdminAuditLogParameters : {*} AdminAuditLogExcludedCmdlets : {} AdminAuditLogAgeLimit : 90.00:00:00 AdminDisplayName : ExchangeVersion : 0.10 (14.0.100.0) Name : Admin Audit Log Settings DistinguishedName : CN=Admin Audit Log Settings,CN=Global Settings,CN=xxxx,CN=xxxxx,CN=xxxx,CN=Configuration,DC=xxxx,DC=xxxx,DC=xxx Identity : Admin Audit Log Settings Guid : xxxxxx ObjectCategory : xxxx.xxx.xxx/Configuration/Schema/ms-Exch-Admin-Audit-Log-Config ObjectClass : {top, msExchAdminAuditLogConfig} WhenChanged : 2015-04-09 19:11:53 WhenCreated : 2015-03-28 21:03:36 WhenChangedUTC : 2015-04-09 17:11:53 WhenCreatedUTC : 2015-03-28 20:03:36 OrganizationId : Id : Admin Audit Log Settings OriginatingServer : dc.xxxxx.xxxx IsValid : True ObjectState : UnchangedPlease notice value of ExchangeVersion
(value 14 means 2010!) and OriginatingServer, which points to my domain controller and not the Exchange server on which I run this command!
My environment is very simple - one W2012R2 server running as DC and one W2012R2 server, running as Exchange member server.
Any ideas what is wrong?
elk84