Search the audit log in the Office 365 Security & Compliance Center - Audited Activities | Microsoft Teams activities

Created by Akshit Kapoor, Modified on Mon, 26 Mar, 2018 at 12:31 PM by Alen Varghese

The following table lists the user and admin activities in Microsoft Teams that are logged in the Office 365 audit log. Microsoft Teams is a chat-centered workspace in Office 365. It brings a team's conversations, meetings, files and notes together into a single place.

Friendly name	Operation	Description
Added channel	ChannelAdded	A user adds a channel to a team.
Changed setting	SettingChanged	The SettingChanged operation is logged when the following activities are performed. For each of these activities, a description of the setting that was changed (shown in parenthesis below) is displayed in the Item column in the audit log search results. A team admin changes the access type for a team. Teams can be set as Private or Public (Team access type). When a team is private (the default setting), users can access the team only by invitation. When a team is public, it's discoverable by anyone. A team admin changes the information classification of a team (Team classification). For example, team data can be classified as high business impact, medium business impact, or low business impact. A team admin changes the name of a team (Team name). A team admin changes the team description (Team description). A user changes the name of a team channel (Channel name). A user changes the description of a team channel (Channel description).
Created team	TeamCreated	A user creates a new team.
Deleted team	TeamDeleted	A team admin deletes a team.