Office 365 Administrators Health Reports with #PowerShell #Office365

Hey Checkyourlogs Fans,

As an administrator for several of my clients Office 365 Tenant’s I often find that getting daily health reporting in the UI Challenging.

So, I did some digging and there are some great built in PowerShell Cmdlets via the Office365 reporting services from Microsoft that can be used.

For this client we are setting up the Advanced Threat Protection for Office 365 and working on the Safe Attachment and SafeLink Policies.

I wanted to however showcase more of what this reporting can look like.

My quick hitter PowerShell code will dump all the necessary reports out to your desktop in Gridview.

You of course could make this a daily health report via Email / HTML / CSV or whatever.

A good source of the available Commands that Microsoft has published can be found here:

https://msdn.microsoft.com/en-us/library/office/jj984340.aspx

Now let’s have a look at the code shall we:

#Connect to Office 365
$usercredential = get-credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session

#Run the Sample Reports 
Get-MailTrafficATPReport | Out-GridView

Get-MailDetailMalwareReport | Select-Object Date,Domain,Subject,Direction,SenderAddress,RecipientAddress,EventType,Action,FileName,MalwareName | Out-GridView

Get-MailDetailSpamReport |Select-Object Date,Domain,Subject,Direction,SenderAddress,RecipientAddress,EventType | Out-GridView

Get-MailFilterListReport | Out-GridView

Get-MailTrafficReport | Out-GridView
Get-MailTrafficSummaryReport -Category TopMailSender | Select-Object C1,C2,C3 | Out-GridView
Get-MailTrafficSummaryReport -Category TopMailRecipient | Select-Object C1,C2,C3 | Out-GridView
Get-MailTrafficSummaryReport -Category TopMalWare | Select-Object C1,C2,C3 | Out-GridView
Get-MailTrafficSummaryReport -Category TopMalWareRecipient | Select-Object C1,C2,C3 | Out-GridView
Get-MailTrafficSummaryReport -Category TopSpamRecipient | Select-Object C1,C2,C3 | Out-GridView


Get-MailTrafficTopReport | Out-GridView
Get-UrlTrace | Select-Object Clicked,Workload,AppName,ReceipientAddress,URL,URLBlocked,URLClicked | Out-GridView
Get-MessageTrace -PageSize 2500 | Where-Object {$_.Status -ne "Delivered"} | Out-GridView

Hope you Enjoy,

Dave