Microsoft Office 365 is a line of cloud-based software offered by Microsoft as part of the Microsoft Office product line. LogicMonitor offers out-of-the-box monitoring for Office 365. With LogicMonitor’s Office 365 package, you can monitor the state of your Microsoft Office 365 deployment and the underlying services and license usage, allowing you to quickly identify faults and manage performance and license utilization accordingly.
Note: LogicMonitor also offers monitoring for the Microsoft Exchange server. See Microsoft Exchange Monitoring for more information.
Add Resource Into Monitoring
Add your Microsoft Office 365 host into monitoring. As cloud-based software, there is no physical resource to add into monitoring so simply create a new resource with “outlook.office.com” as the IP address/DNS name. Be sure to assign a Windows-based Collector or Collector group to the resource. For more information on manually adding resources into monitoring, see Adding Devices.
Create Credentials for Office 365
LogicMonitor must provide the appropriate credentials in order to successfully access Office 365. These credentials must belong to an Office 365 user account with the “Global reader” role assigned. The following roles are required:
- Reports reader
- Message Center reader
- Message Center Privacy reader
- Tenant admin (required for SharePoint)
For more information on adding users, see Microsoft’s Office 365 documentation.
Once the user account is created, log into Microsoft’s Exchange Admin Center and add the new user to the “View-Only Organization Management” Exchange role.
Additionally, enter the username and password associated with the new account as properties on the Microsoft Office 365 resource you created within LogicMonitor. As discussed in the Assign Properties to Resource section of this support article, the properties that carry these values are office365.user and office365.pass.
LogicMonitor initiates remote PowerShell sessions to retrieve data from Office 365. There are two PowerShell modules that need to be installed on the Windows Collector host (or hosts if you are monitoring using an Auto-Balanced Collector Group or have a backup Collector) that is associated with your Office 365 resource in LogicMonitor:
- MSOnline PowerShell Module
Install-Module -Name MSOnline
- MSOnline SharePoint PowerShell Module
Install-Module -Name Microsoft.Online.SharePoint.PowerShell
Note: The PowerShell cmdlet Install-Module requires Windows Management Framework (WMF) 5.1.
Ensure that your Collector(s) can run PowerShell scripts by setting the execution policy to RemoteSigned on the Collector host(s):
Set Up Microsoft Graph API
LogicMonitor uses the reports API in Microsoft Graph to collect Office 365 usage data. For more information on Microsoft Graph, see Microsoft Graph documentation.
Follow these steps to register and authorize a new application to call the reports API:
- Log into the Azure portal using an administrator account.
- Navigate to Enterprise Applications under Azure Active Directory. Click + New Application.
- From the Add an application dialog, select “Application you’re developing”.
- From the App registrations dialog, click + New registration.
- Provide a meaningful name for the application.
- Leave all other settings as they are and click Register.
- On the Overview page for the new application, locate the following:
- Application (client) ID. Create a property on the LogicMonitor host named office365.clientid and enter this ID as the property value. (For more information on assigning properties, see the Assign Properties to Resource section of this support article.)
- Directory (tenant) ID. Create a property on the LogicMonitor host named office365.tenantid and enter this ID as the property value.
- Open the Open the Authentication page for the new application and perform the following steps:
- Click + Add a platform to allow access tokens for a web application.
- From the Configure platforms dialog that displays, select “Web”.
- On the following Configure Web dialog, enter your LogicMonitor portal URL as the redirect URI.
- Check the Access tokens option.
- Open the Certificates & secrets page for the new application and perform the following steps:
- Click + New client secret and provide a description.
- Immediately copy your new client secret value (you will not be able to view it again).
- Create a property on the LogicMonitor host named office365.clientsecret.pass and enter the client secret as the property value.
- Open the API permissions page for the new application and perform the following steps:
- Click + Add a permission.
- When the drawer from the right appears, select “Microsoft Graph” and then “Application Permissions”.
- Under the Reports heading, check the Reports.Read.All option.
- Click Grant admin consent for <domain>.
- When finished, two green checkmarks will display confirming that consent has been granted.
Assign Properties to Resource
The following custom properties must be set on the Microsoft Office 365 resource within LogicMonitor. For more information on setting properties, see Resource and Instance Properties.
Important: Because this is a cloud resource that relies heavily on the presence of properties for LogicModule association, care should be taken to set this property at the resource level only. Avoid setting these properties at the group or root level to ensure Microsoft Office 365 LogicModules aren’t incorrectly applied to other resources.
Note: If you’ve performed the setup requirements in the previous sections, several of these properties will already be present.
|office365.clientid||The “Application (client) ID” used for Microsoft Graph report retrieval from the reports API. See the Set Up Microsoft Graph API section for details on obtaining this ID.|
|office365.clientsecret.pass||The client secret used for Microsoft Graph report retrieval from the reports API. See the Set Up Microsoft Graph API section for details on obtaining this secret.|
|office365.tenantid||The “Directory (tenant) ID” used for Microsoft Graph report retrieval from the reports API. See the Set Up Microsoft Graph API section for details on obtaining this ID.|
|office365.tenantname||The tenant name used for Microsoft Graph report retrieval from the reports API (example: <customer name>.onmicrosoft.com)
If you need assistance determining your tenant name, we recommend reviewing one of the numerous external articles available on this topic, such as this one from a Microsoft Gold Certified Partner.
|office365.user||Username for the Office 365 admin account used to access Office 365 data (example: [email protected]<customer name>.onmicrosoft.com). See the Create Credentials for Office 365 section for details on creating this account.
Note: For SharePoint monitoring, the user account must be a SharePoint tenant administrator.
|office365.pass||Password for the Office 365 admin account used to access Office 365 data. See the Create Credentials for Office 365 section for details on creating this account.|
|office365.spoadminsite||The customer name portion of the URL of the SharePoint admin center. For example, if the SharePoint URL is “westbeachservices-admin.sharepoint.com”, the value of this property would be “westbeachservices”.|
From the LogicMonitor repository, import all Microsoft Office 365 LogicModules, which are listed in the LogicModules in Package section of this support article. If these LogicModules are already present, ensure you have the most recent version.
Once the LogicModules are imported (assuming all previous setup requirements have been met), the PropertySources will automatically detect the host and assign the appropriate values to the system.categories property. This, in turn, will automatically associate the DataSources (and ConfigSources if supported by your LogicMonitor account) and data monitoring will begin.
A few customers have encountered scenarios where DataSources fail if data is behind a proxy. Although we have not been able to definitively verify proxies to be an issue in all cases, we are mentioning it as a possibility to help aid in troubleshooting if proxies are potentially a factor in your environment.
LogicModules in Package
LogicMonitor’s package for Microsoft Office 365 consists of the following LogicModules. For full coverage, please ensure that all of these LogicModules are imported into your LogicMonitor platform.
Note: This package includes ConfigSources (configuration file monitoring LogicModules). If the ability to monitor and alert on configuration files is not currently available in your LogicMonitor platform and you would like to learn more, reach out to your customer success manager. For more information on ConfigSources, see Creating ConfigSources.
|addCategory_Office365||PropertySource||Identifies if the Office 365 host is configured for Office365 monitoring and, if it is, adds the value of “Office365” to the system.categories property.|
|addCategory_Office365Reports||PropertySource||Identifies if the Office 365 host is configured properly to retrieve Graph reports and, if it is, adds the value of “Office365Reports” to the system.categories property.|
|Microsoft Teams: Device Usage||DataSource||Monitors the last seven days of Microsoft Teams device usage by number of users.|
|Microsoft Teams: User Activity||DataSource||Monitors the last seven days of Microsoft Teams activity.|
|Office 365 Account Licenses||DataSource||Monitors Office 365 license usage.|
|OneDrive: File Counts||DataSource||Monitors OneDrive total and active files, as well as the time since the report was last updated.|
|OneDrive: Storage Used||DataSource||Monitors OneDrive total storage used.|
|Outlook: Email Activity||DataSource||Monitors Outlook total and rate counts for read, received and sent emails.|
|Services: User Activity||DataSource||Monitors individual Office365 services and their associated user activity.|
|SharePoint Online: Site Status||DataSource||Monitors the overall status of the SharePoint site.|
|SharePoint Online: Site Usage||DataSource||Monitors SharePoint site usage metrics such as page views, file count, file usage, storage, etc.|
|Yammer: Device Usage||DataSource||Monitors Yammer usage by device type.|
|SharePoint Online: Tenant Config||ConfigSource||Captures SharePoint Online organization-level tenant config.|
|Exchange Online: Groups||ConfigSource||Monitors the config group objects. Returns security groups, mail-enabled security groups, distribution groups, and role groups.|
|Exchange Online: Mailboxes||ConfigSource||Monitors the Exchange mailbox configs.|
|Exchange Online: Management Roles||ConfigSource||Monitors the Exchange management role objects in your organization.|
|Exchange Online: Mobile Device Mailbox Policy||ConfigSource||Monitors Exchange mobile device mailbox policy config.|
|Exchange Online: Mobile Devices||ConfigSource||Monitors Exchange mobile device config for identification, configuration, and status information for each mobile device.|
|Exchange Online: Organization||ConfigSource||Monitors Exchange organization config.|
|Exchange Online: OWA Mailbox Policy||ConfigSource||Monitors Exchange Outlook on the web mailbox policies in the organization.|
|Exchange Online: Transport Config||ConfigSource||Monitors Exchange organization-wide transport configuration settings.|
When setting static datapoint thresholds on the various metrics tracked by this package’s DataSources, LogicMonitor follows the technology owner’s best practice KPI recommendations. If necessary, we encourage you to adjust these predefined thresholds to meet the unique needs of your environment. For more information on tuning datapoint thresholds, see Tuning Static Thresholds for Datapoints.
Example Use Cases
Next, we’ve highlighted a sample dashboard and some sample monitoring scenarios that could be accomplished with the Office 365 LogicModule package.
Granular Monitoring of SharePoint
The SharePoint DataSources will monitor multiple SharePoint site instances usage, traffic, storage, and file count, providing granular flexibility when monitoring SharePoint. With the information gleaned, you can decide whether to delete or combine sites that don’t get a lot of traffic but use up a considerable amount of storage.
Service Availability Monitoring
Track the availability of certain services including Exchange sign in, voice mail, email, calendar, Microsoft portal, and billing page. Along with service availability monitoring, the
Office365_Reports_ServicesUserActivity DataSource provides the total number of users that are utilizing the applications. The pairing of this information can be useful when prioritizing issues.
Office365_Account_License DataSource alerts users when licenses are about to expire and also counts the surplus licenses available at any given time. When combined with our forecasting feature, this DataSource can help license capacity planning by indicating when it’s time to increase your license allocation. In the same spirit, the OneDrive DataSources, which track file counts and storage usage, can also provide essential capacity planning information.
Using user activity historical data collected across multiple services, such as call volume, meeting attendance, message counts, and so on, you can look into repurposing the licenses of the least active users if you are running low on licenses, or you might find that some licensed users are not in the organization anymore.
There is also device usage breakdown, allowing you to track which devices (Windows, Macs, iPhones, Androids) are most popular within your organization. This data can be useful when testing internal applications to prioritize testing on those operating systems that are most heavily used within the organization.
Monitoring Exchange Configurations
With the slew of Exchange ConfigSources, you can closely monitor all Exchange activity happening in your environment, from the addition of new users to changes made to Exchange organization config files. This insight can alert you to any suspicious activity.