Hello all,

Following the article on this new feature, you maybe now want to give access to someone to it and only to it.

This cannot be done via the permissions part of the compliance center, it is indeed in the Exchange Online RBAC permissions.

The cmdlet Search-UnifiedAuditLog is part of the Exchange Online cmdlets.

To give users ability to use that cmdlet you need to assign them the role “View-Only Audit Logs”. Then those users will have to go to “https://protection.office.com/” and they will be able to perform their search.

Have a good day 🙂