We will discuss the following two types of audit logs available in Exchange 2013:
Administrator audit logs are used to log when a cmdlet is executed from Exchange Management Shell or Exchange Admin Center except the cmdlets that are used to display information such as the
Search-* cmdlets. By default, Administrator audit log is enabled for new Exchange 2013/2016 installations. The admin audit log is a built-in cmdlet extension agent that we have covered in Chapter 2, Learning Recipient Management This agent reads the audit log configuration and evaluates each cmdlet when they are run, and then it logs it based on the configuration. ...