Office365Mon Acquisition News

Hello everyone,

We have some very exciting news today for Office365Mon customers that has to do with performance and security for your users of Office 365.

We’re delighted to announce that Office365Mon has been acquired by Zscaler, Inc., of San Jose, CA.  Zscaler is a market leader in cloud security and, for eight consecutive years, has been named a leader in the Gartner Magic Quadrant for Secure Web Gateways. With thousands of enterprise customers, Zscaler supports a massive base of Office 365 users worldwide. I found it interesting that Office 365 generates more traffic in the Zscaler cloud than YouTube. Check out some of the cloud stats here:

At its recent user conference, the company announced a digital experience monitoring solution, Zscaler Digital Experience (ZDX), that will provide detailed visibility into performance for all users across the cloud. The plans are to integrate Office365Mon technology into this platform over time and continue to offer Office365Mon as a standalone product.

We’d like to thank all our valued customers that have helped shape Office365Mon into what it is today, and we look forward to working with you in the future.

We will be sure to keep you up to date on ZDX product announcements, features, and availability.

From Sunny Phoenix,

Teams and Skype Jitter and Call Quality Monitoring from Office365Mon

Today we are announcing a new set of features for monitoring Microsoft Teams and Skype for Business call quality at Office365Mon.Com.  This package of features is now included with our Distributed Probe and Diagnostics agent, which we allow you to install in as many different geographic locations as you like.  The agent now has new features that will monitor call quality metrics for things like:

  • Jitter
  • Packet loss
  • Packet reorder ratio
  • Round trip time latency
  • Calling firewall issues

As always with our agent, from each different location you can choose notification thresholds for these different call quality metrics, as you see here:


The notification values we start with are pre-configured for the minimum performance requirements recommended by Microsoft.  As always though, you can set up these notification thresholds on a location by location basis to match the network performance characteristics of each one of your different deployment areas.

In addition to performance monitoring, each time we do a check we also test network connectivity to a variety of calling service endpoints that Microsoft uses in the region your agent is deployed.  Each one of these endpoints is defined by an IP address, port and protocol that your Teams and Skype clients may need to access.  We test every one of these to ensure that there aren’t any network configuration issues that could block you from making calls from a particular location, as well as to be able to alert you when a service endpoint is unavailable.  This can also help you identify potential issues when users are unable to make or sustain calls with the Teams or Skype clients.

Once you turn on call quality monitoring, we’ll feed the data we collect from our testing back to your Office365Mon subscription, so you can dig into reporting data later on to see what the call quality metrics are like across the different locations where you’ve installed the agent.  For example, here’s what the jitter looks like from two different locations:


Here’s what the packet loss looks like from those same locations:


And finally, here’s what the round trip time latency looks like:


Each of the preceding three charts shows you data from recent tests – meaning in the last couple of hours or so – but we also roll up this data by day as well as month.  That means you always have a current, short term and long term view of the call quality at your different office locations.

For firewall issues, we keep a log of each time we encounter issues reaching a particular IP address, port and protocol.  So in addition to the notifications you get, you’ll also see a history of those issues, as shown here:


All of the data is sortable so you can see where you’re having the most problems by location, address, port, or protocol type.


Another Feature Based on Your Feedback

The Call Quality monitoring feature from Office365Mon is yet another example of where your feedback to our team has resulted in new and enhanced capabilities.  We’re always interested in what you think about our service – good and bad – and ideas and suggestions you may have for ways in which we can do a better job of helping you Stay In the Know, and Stay In Control.  Call Quality monitoring is available for customers with our Enterprise Platinum license.  You can find out more about our licenses and features by viewing our product matrix at  In addition, if you don’t have an Office365Mon subscription for Office 365 monitoring yet, you can get a free 90-day trial of our Enterprise Platinum license by visiting us at  I hope you’ll consider taking a few minutes to download and install our latest agent and try out the Call Quality monitoring feature, along with all of the many other features available from Office365Mon.Com.

From Sunny Phoenix,

Deeper Real Time Office 365 Performance Data from Office365Mon.Com

We’ve just released some new and improved reports that I think many of you will find valuable and interesting at Office365Mon.Com.  A couple of these reports give you performance information about your own Office 365 tenant that’s even deeper and more insightful than we’ve ever had before.  In addition to that, we’ve simplified some of our outage reports, and also added additional historical outage reporting options that let you drill down even further into the stability of the different services in your Office 365 subscription.

For real time performance data on your Office 365 tenant, we started monitoring your tenant health scores and request durations in June, 2018:  For a quick refresher, the health score is something we get for SharePoint Online and OneDrive for Business that is between 0 and 10 and represents the overall health of your tenant.  When your score is 0 things are as healthy as possible; the more the score increases, the less healthy your tenant is.  Request duration is the amount of time that it takes to process synthetic transactions that we send to your tenant while we monitor it.  As request durations increase, users begin to see it as “Office 365 is slow today” or “our network is slow”.

We’ve provided you a real-time view of the scores and durations since June 2018, and while there is a lot of value in that, the problem is that there wasn’t a good way for you to look at those numbers and understand if what you were seeing was really bad, or if those numbers are actually typical of what you have been getting from your tenant.  The new reports we have today plug that gap and give you some great and easy to understand insight so you know exactly how you’re doing.  To get started, here’s a screenshot of the new request duration report:


The first thing that probably catches your eye is the wavy blue and yellow data in the background.  That data is actually historical data for what the request duration has been during the exact time frame that you’re currently looking at.  So if you look at this report at 8AM and then again at 5PM, that wavy data will be different.  The idea is that you can see not only what your current performance is like, but what it has historically been like at this same exact time of day.  Not only that, but as we gather more historical data, then we fine-tune what you see here even further – down to the same exact day of week with the historical data.  So that means, for example, if you look at the current performance at 2PM on a Tuesday, then eventually the wavy data you see in the background will also be for 2PM on a Tuesday.  This is incredibly useful to be able to do as much of an “apples to apples” comparison as possible when you are looking for performance issues in your tenant, as well as to understand if the data you are currently seeing is “typical” for what you normally get in your tenant.  That’s exactly what you see in the chart above – so overall at the point in time we took this report screenshot, our tenant overall was actually performing a little better than past Wednesdays at this same time of day.

As with all of our graphical reports at Office365Mon.Com, you can also drill into this further by just clicking on items in the chart’s legend.  So for example, if you just want to look at what’s going on with SharePoint Online only, here’s what the chart looks like:


Again, it’s very interesting in how you see some similar changes in performance to what we’ve previously seen on Wednesdays during this time frame, but overall still looking a little better than usual.

We also do the same thing with health scores, so for comparison, here’s the new health score report with this same historical data underlay:


Again, as you can see from this, it’s consistent with the request duration data in that overall the health scores are right about where they normally are at this time of day on a Wednesday.


Easier to Understand Outage Information

In addition to the deeper real time data, we’ve also simplified and improved the usability and level of detail around outages and the reasons they happen.  First, we’ve changed the existing reports we’ve had from the beginning on outages and outage reasons so that now they only show information on outages that have occurred in the last 60 days.  Previously, they contained data on every outage we ever monitored for you.

Next, we added a couple of new reports  – Outage History and Outage Reason History.  The Outage History report lets you see all of the outages that ever occurred, but it breaks it down by resource, so you can view all of the times you had a SharePoint outage, or an Exchange outage, etc.  As you can see from the screenshot here, it’s a much simpler way to view this data – in this case for OneDrive for Business:


For Outage Reason History, the data actually gets a lot more interesting and insightful.  First of all, we give you a breakdown of the different reasons for outages broken down by calendar quarter.  This allows you to see trends in where the supportability issues have been for your tenant.  Here’s an example:


Just at a quick glance you can see that originally back when we first started monitoring our Office 365 tenant, a lot of outages were Internal Server Errors and Unauthorized (usually meaning there was an Azure AD availability issue).  Again though, just like with the Outage History report, you can drill down into specific Office 365 services to see what the outage history is like for each one.  Here’s an example of that:


In this case we’re looking at the outage history for SharePoint Online.  Again, you can also see here how earlier the outages were primarily Unauthorized (meaning an Azure AD issue), but now we see more Service Unavailable errors.  Overall though, what’s also interesting is that you see we have far fewer outages with SharePoint Online than we did when we first started monitoring.  This is a great historical perspective to have and understand, as you see changes to the service and changes in the reliability in your tenant over time.


Some More Data, Some Better Data

I think these new reports will continue to help you Stay in the Know and Stay in Control of your Office 365 tenant.  You get deeper and more meaningful data than ever before, and we continue to build and expand the service to try and help keep you on top of your tenant at all times.  As always, if you have feedback on these or any other feature, I strongly encourage you to contact us at  I read every customer recommendation and piece of feedback we receive.  If you haven’t started monitoring Office 365 yet, then please stop by our site at and click the big Start Now link on the home page for a free 90-day trial so you can see exactly how you can put monitoring to work for you.

From Sunny Phoenix,


New Office 365 Network Performance Tools from Office365Mon.Com

Today we’re announcing new tools and features for monitoring and analyzing the network performance for Office 365.  These new tools expand the set of features we have for Office 365 network performance analysis that we announced in July of last year:  New Office 365 Network Performance Analytics from Office365Mon.  The features announced today use an updated version of our Distributed Probes and Diagnostics agent to help you monitor, notify, and report on the network performance to key services.  That include core network services such as DNS and proxy servers, as well as the to the public endpoints for Office 365 services such as Exchange Online, SharePoint Online, and OneDrive for Business.  In addition to that, we also monitor for changes in your egress point to the Internet from the different geographic locations where you install the agent.

One of the first things you may notice is that you’re now able to set up notifications for changes in your egress points when you configure the Distributed Probes feature for your subscription.  Not only do we notify you when your egress location changes, we also keep a history of all of the changes at all of the locations where you’ve installed our latest agent.  That allows you to go back at any point in time when you may have noticed performance issues to see if a change in egress locations may be a factor.

When you install and configure the latest version of our agent, you can set notification thresholds on a location-by-location basis so you can be alerted if network performance to the key services described above has become excessively slow.  Once you install and configure the agent, these key service performance metrics are measured and monitored every time we issue health probes with the agent.  All of the data is pushed back up to the cloud so you can view a number of different reports on these metrics.

We start out with service performance metrics reporting that shows you what the performance is like for each of these key services at each location where you’ve installed the latest agent, as shown here:


As with all of our charts at Office365Mon, you can easily click on items in the legend to take them off, or add them back onto the chart data.  That allows you to easily drill down into the data – for example if you wanted to compare the performance of a particular service across the different locations where you’ve installed the agent.

In another report, you can look at the performance details on an agent-by-agent basis.  When you do that, you can drill down into the individual service and also see the specific IP addresses that have been resolved for the service.  This lets you know exactly where your requests are getting routed to, and how long each is taking to service your requests.  Exchange Online tends to be particularly interesting because you will find that requests for it get spread across a wide number of distribution points, as shown here:


For both of these reports, you’re able to see these performance metrics not only for your current day health probes, but also daily as well as monthly summaries.  That enables you to see your performance trends over time, as well as being able to compare your current performance to what you’ve historically experienced so you can understand fairly easily whether you are experiencing “unusual” slowness on any particular day.

As described above, you can also view the history of changes in your Internet egress point for each geographic location where you’ve installed our latest agent, as shown here:


Try It Today

These new tools are available as a Preview offering today from Office365Mon.Com.  For customers that have already deployed one of our Distributed Probes and Diagnostics agent, you will need to download and install the new agent to replace it.  Other customers can just go straight to downloading and configuring the agent after your Office365Mon subscription is set up and ready to go.  To create a new subscription for monitoring Office 365 you can begin at our web site at  If you already have a subscription and want to try out the new agent – which is included for FREE with ALL of our Office365Mon licenses – you can go to the Configure Distributed Probes page at

These new features are another example of functionality we’ve added to the service based on requests from our customers.  As I always say, we value your feedback and I personally read each and every product suggestion that comes in.  I hope you will take the time to try out these new features, and we will continue to expand our service to give you as much information as can to help you Stay in the Know, and In Control, of your Office 365 subscription.


From Sunny Phoenix,



Office365Mon Launches New “Private” Offering for Large Enterprises, CSPs and US Government Organizations

Today we are announcing the release of a new offering from Office365Mon.Com called “Office365Mon Private”.  With this offering you can get your own private instance of the Office365Mon.Com monitoring service for Office 365 deployed to your own Azure subscription.  This brings with it several advantages for large enterprises, CSPs, and US Government organizations that check all of the important boxes:

  • Because you have all of the data and monitoring in your own private subscription, we use an alternative method for connecting to your resources that no longer requires you to update our access to them once every three months. Instead, you set it up once, and you never have to touch it again.
  • We automatically inventory all of your SharePoint and OneDrive for Business sites, and Exchange mailboxes, and we do monitoring randomly against all of them, without any additional configuration required by you.
  • We can provide performance data across all of your various sites and mailboxes, no matter what geographical region they are located in. This becomes even more important as Microsoft expands support for geographically distributed SharePoint Online sites.
  • Office365Mon Private is now the only offering where you can get our new Log Shipping feature. This feature allows you to capture all of your SharePoint Online and OneDrive for Business activity logs, and store them for as many months as you like.  Microsoft only stores a couple of months worth of logs, but most enterprise and government organizations require longer retention periods for things like compliance, auditing, record keeping, lawsuit discovery, etc.
  • Especially for CSPs, you can easily add as many additional tenants to monitor as you like. We provide deployment management tools in Office365Mon Private that allows you to create new subscriptions, create custom licensing plans, move customers between different licensing plans, etc.
  • For US Government organizations – we are now set up in the US Government deployment of Microsoft Azure! That means we can now help you deploy Office365Mon Private to the US Government deployment of Azure, and you can have your own private instance of Office365Mon running for your tenant in there.
  • For all customers, you can easily have Office365Mon Private deployed to any Azure data center anywhere in the world, in whatever region you require.
  • As we add additional features to our existing Office365Mon.Com service, we will roll them out as applicable and make them available to Office365Mon Private customers as well.


Getting It Set Up

Getting things set up with Office365Mon Private is extremely easy.  Our engineers will work with your organization to set up a short one- to two-week project where we deploy it to your Azure subscription.  We’ll make sure everything is set up and configured, and verify that all services are working before we turn it over to you.  After we do that, you’re free to operate it as you choose, but you can rest easy knowing that we are available to assist you should you encounter any issues or have any questions.


Using the New Features

Here are just some of the important new features that deserve a little more attention.

Tools for Monitoring Multiple Tenants

When you want to monitor multiple Office 365 tenants, such as if you’re a CSP, you’ll find several tools to help you do that with the new Subscription Management page.  Here you can create and delete subscriptions, get a list of all of the subscriptions you’re monitoring; add, modify or delete any custom licensing plans, and more.

For example, here you can see how easy it is to create a new customer subscription:


If you want to create or modify a custom licensing plan, you can pick and choose from all of the available features we have in Office365Mon Private, including Threat Intelligence Monitoring and Log Shipping:


You can also do things like customize the “FROM” email address that’s used when notifications are sent out, as well as run your own custom code or tasks once a day after our daily processing jobs are completed.


Managing Access to Monitored Resources

With Office365Mon Private, you no longer have to go in once every three months and update the Azure access tokens that are used for monitoring.  Instead, we’ll help you set up a certificate that will be used to provide access to the resources we’re going to monitor.  As you can see from the Private Deployment configuration page, it’s a simple three-step process:


Our engineers will walk you through this during your initial deployment, and then are available to answer questions if you are going to set up monitoring for other Office 365 tenants as well.


Pricing and Availability

Office365Mon Private pricing is based on the number of resources you have to monitor – mailboxes, SharePoint and OneDrive sites.  The less you have, the less you pay; the more you have, the more you pay.  You can get complete details, including an estimate based on the size of your organization, by emailing

Office365Mon Private is available today!  If you’ve seen Office365Mon before and are interested in just the new Private features and how you use them, then you can contact us at and we’ll be happy to show you how these new tools and features work.  If you’ve never seen Office365Mon before and want to see all of the features, insights, and reports that are available to you with both the current service and Office365Mon Private, then email us at and we will arrange a demo for you.  You can also always go to our site at to see what’s there for yourself, as well as start up a free 90-day trial of our service.

Office365Mon Private provides some genuinely unique, interesting and exciting monitoring options for enterprises, CSPs and US Government organizations.  We hope you’ll take a few minutes to consider the value that Office 365 monitoring brings to help you stay In the Know, and In Control of your Office 365 services.

From Sunny Phoenix,




New Centralized Office 365 Storage Monitoring from Office365Mon.Com

Today we’re announcing the release of a new centralized storage monitoring feature for Office 365 resources.  In addition to that, as part of this same feature we are providing Office 365 usage information trends across your tenant over a rolling 52-week year.

Our new feature is called Usage Monitoring.  In Office 365 today, when resources get close to their allocated storage, notifications can be sent to the resource owner.  For example, when you reach a certain percentage of your allocated storage for a SharePoint site or OneDrive for Business site, the site collection admins can get email notifications.  With Exchange Online, the mailbox owner can get a notification when they reach their mailbox’s Issue Quota Warning storage level.  There isn’t the capability though to keep your company administrators connected to all of these events when resource storage reaches critical levels.  This is important because when individual users get these messages, the first thing they normally do is call the help desk and escalate the situation into something much more urgent than it needs to be.

With Usage Monitoring from Office365Mon.Com, we’ve made it super simple to set up centralized notifications for these events.  You simply tell us what types of storage you want us to monitor – Exchange, SharePoint sites, and/or OneDrive sites – and then you tell us at what percentage of the allocated storage you want us to notify you.  You can see the configuration options below:


Once configured, any time any resource in your organization reaches these levels we’ll send out emails to everyone that you’ve included for notification in your Office365Mon subscription.  In addition to that, we also send out a webhook notification that includes the type of resource that has triggered the notification, along with a list of all the resources that are exceeding the configured amount.  Like many of our features at Office365Mon.Com, this keeps you In the Know and In Control so you can get in front of these situations before they become a problem!

In addition to letting you know when you’re hitting storage limits, you also get several reports that fill you in on what services your users are using.  We also have several reports that will give you trend information around what sort of activities and with what frequency they are using them within the major services.  For example, you can see how many active users you’re getting per week in each of the major Office 365 services:


You can see the message activity from Exchange:


The feature usage within Skype for Business:


As well as the adoption rate of Microsoft Teams features:


In addition to this, we also create reports for the Top 100 SharePoint sites, Top 100 OneDrive for Business sites, and Top 100 Mailboxes.  The resources are ordered by the amount of storage they are consuming.  By updating the report data once a week, you can easily spot trends that are occurring in usage and adoption of the different services and features in your Office 365 subscription.

The Usage Monitoring feature is included with the Enterprise Platinum license from Office365Mon.Com.  Existing customers can take advantage of this new set of features today.  New customers who are interested in this or other features of Office365Mon can go to our web site at and click the big Start Now link on the home page to begin a free 90-day trial.  We don’t ask for any payment information up front, so you can just go right in and start creating your new Office365Mon subscription to try out all of the amazing features of the service.

As always, we’d love to hear any feedback you have on this feature, or suggestions for new ways to support your needs with Office 365.  I personally read every single suggestion that comes into our mailbox, so let us know what you think!

From Sunny Phoenix,




New Geo Aware Alerts for Office 365 Outages Available Now from Office365Mon.Com

Today we launched a new feature that is available to all Office365Mon customers.  We call this feature “Geo Aware Alerts”, and it’s yet another way we help keep you aware of what’s happening in the Office 365 ecosystem.  In this case, it’s rather like crowdsourcing Office 365 outage information.  The way it works is, you can configure your Office365Mon subscription to alert you when other Office365Mon customers within a specific distance from your users start experiencing an outage.  You get to define what that distance is and whether it’s measured in miles or kilometers.  Then, you can go install our Distributed Probes agent in all of the different geographic locations where you have users.  When you install the agent, it captures the physical location where it’s being installed.

Now, whenever another customer’s Distributed Probe agent detects an outage, if that agent is within that specific distance of one or more of your agents, you’ll get notified that an outage has started nearby.  This can be important because Office 365 outages aren’t always the fault of Office 365.  As we monitor Office 365 we see that sometimes they happen when there are regional Azure Active Directory issues, localized network or ISP issues, etc.  Being aware of a local issue can help you keep in front of trouble before it becomes a bigger problem for your users, or worse yet, catches you unaware that there’s any problems going on at all.  As you can see from the picture below, we already have customers with the Distributed Probe agent installed all over the world:


That’s all part of our motto at Office365Mon – Stay in the Know, and Stay in Control.  Geo Aware Alerts are another way we help you do just that.  To start using this feature, you can visit our site at and go to the Configure Office 365 Distributed Probes page at  From there you can configure when you want Geo Aware Alerts to fire, as well as download the Distributed Probes agent.  If you’ve already installed the Distributed Probes agent you don’t need to get a new version to take advantage of this feature.  However, you do need to run the Configuration utility for it again in each location where you’ve installed an agent.  You don’t need to change anything – just clicking the Save button will capture your agent’s location information for the Geo Aware Alerts feature.

From Sunny Phoenix,


Office365Mon Launches New Features for Storing Office 365 Logs and Monitoring Health Scores and Request Times

Today we are announcing the Preview availability of two new features at Office365Mon, both targeted at SharePoint Online (SPO) and One Drive for Business (ODB) in Office 365.  The first is our enterprise Log Shipping feature, which creates a copy of the log files of all your activity in SPO and ODB and will store up to 12 months’ worth of these logs for you, as well as provide some basic reporting on them.  The second is our Health Score feature, which provides Office 365 monitoring of health scores for your specific SPO and ODB tenant, as well as the processing time – just within your tenant – of each monitored probe we send.  This gives you a bird’s eye view of the performance in your tenant, without the extra baggage of networks, Internet congestion, ISP issues, etc.


Log Shipping

The Log Shipping feature is used in conjunction with our Threat Intelligence Monitoring feature.  As part of that, we capture all of the log entries that Microsoft generates for the activity on your SPO and ODB tenants.  You can then store these log files for up to 12 months and have that data available for download to deal with any kind of compliance, auditing, or other evidentiary needs of your tenant’s activity.  Once it’s turned on, we also provide some basic analytic reports of the data they contain.  That includes things like the top 10 most active sites, top 10 operations (like file download, upload, search, etc.), most active users, the browsers that are being used, and an operation trends report.  The trends report shows you which operations are being performed month over month so you can see which activities are trending up and down, as shown here:


The Log Shipping feature has gone through two beta cycles at Office365Mon and is now ready for general consumption as a Preview feature.   During the beta we had the opportunity to validate the solution against a wide variety of tenants and organizations, from relatively small to extremely large.  We’ve captured logs up to several gigabytes in size and have successfully stored and downloaded all of them, so it can easily scale to meet the needs of any size organization.  The Log Shipping feature will be included with our Enterprise Platinum with Threat Intelligence Monitoring license.


Monitoring Health Scores

For those of you familiar with SharePoint on premises, you may be familiar with SharePoint health scores and request durations.  These are values that SharePoint embeds in each request you make that gives you metrics on the performance health of your farm.  SharePoint Online and OneDrive for Business in Office 365 contain these same metrics, and we are now capturing that performance data for ALL Office365Mon subscriptions.  The health score is a value between 0 and 10 that represents the overall health of your tenant, where 0 is the healthiest, and 10 is the worst.  For example, if the farm is under duress from load or some other performance problem, then the health score will steadily increase.  The request duration tells you how long the farm itself took to process your request.  That allows you to eliminate all of the other transportation-related overhead when looking at the performance of your tenant.  With that out of the way, you can view the performance of your tenant in processing the Office 365 monitoring probes we issue and understand when there are issues, if there are certain times of day when performance declines, or even certain days of the week.  We provide reporting data on these metrics for the current day, day over day for each month, and month over month.  Here’s an example of a current snapshot of this performance data from our tenant:


In addition, you can also set up notifications when the health score or request duration for your tenant exceeds a particular value.  It’s now part of where you configure your Office365Mon subscription, as shown here:


This feature is also in preview, and as mentioned above, is included with ALL of our Office365Mon licenses.


Try It Today!

These features are available for you to try today.  Health Score monitoring is automatically turned on for all new and current Office365Mon customers.  Log Shipping is available for current customers with the Enterprise Platinum with Threat Intelligence Monitoring license, and is also included with our 90-day trial subscription for new customers.  To get a trial license simply visit us at and click the big Start Now button on the home page.

We hope you’ll take these features for a spin and let us know what you think.  Both of these features are another example of feedback we’ve taken directly from you, our customers, and incorporated into the product.  Please keep it coming, we love to deliver on your Office 365 monitoring needs.

From Sunny Phoenix,





Monitoring Geographically Distributed Office 365 Tenants at Office365Mon.Com

One of the questions we see from time to time is around where and how we monitor Office 365, and what all gets monitored.  In a nutshell, what we deliver out of the box is monitoring from a set of Azure cloud services, that will then go and do performance and availability monitoring of your Office 365 tenant, where ever those resources may be.

In terms of what gets monitored, that really boils down to “how many” of a particular resource type are we going to watch for you.  Some people have misconceptions around that, thinking that they may want to monitor every single SharePoint site, or every single mailbox, in an entire organization.  While some companies may have used solutions like that when all of their services were on premises, that is a model that doesn’t really make sense when the data is hosted in the cloud.  The reasons why, and the way we DO look at ensuring coverage for a tenant, dovetails nicely into a broader conversation about “how do we do that” when you have parts of your tenant distributed geographically.

To begin with, let’s talk a little bit about why you really don’t need, want, or even should try monitoring every single resource in your tenant.  Here are a few of the most obvious reasons:

  • Security – in order to monitor a resource, you need to have access to the resource. Opening up your tenant and granting access to your entire corporate email and document repository set to a monitoring service (or any application for that matter) is about as bad an idea as you’ll come by.  This is how data gets leaked people.
  • Signal overload – over time, you’ll see many short, transient errors with your cloud resources. It doesn’t mean the service or even your tenant is going down; it’s just the nature of life on the Internet.  If you try and wade through tens, hundreds or thousands of these signals a day, you’ll be worn out probably before your first coffee break.  You need to be able to establish an appropriate cross section of your service offering to sample, not gorge yourself on data.
  • Necessity – frankly, it just isn’t necessary. What I’ve seen from my many years working at Microsoft, and then subsequently at Office365Mon, is that you will get an excellent view of the health of your tenant by monitoring one to a few resources based on data center.  For example, in most cases (but not all), if one SharePoint site is up, they are ALL up.  It’s incredibly rare to have only one or two site collections within a tenant down and all the others up, or vice versa.  With Exchange it’s a lot of the same thing – while it’s more likely there that you may randomly have issues with one or two mailboxes now and again, in most cases when one mailbox is up within a data center, they’re all up; when one is down, they’re all down.  Again, this is not true in all cases (and Exchange itself has some other factors based on its architecture that can contribute to more of these outages than SharePoint), but it’s a good general rule to follow.

So how does that pertain to monitoring geographically distributed Office 365 resources?  Like this – today, Exchange can have mailboxes for a single tenant split between different data centers.  In the future, SharePoint Online will support having different segments of its service split across multiple data centers.  For more details on what’s happening with SharePoint Online in this respect, see this TechNet article:  Multi-Geo Capabilities in OneDrive and SharePoint Online in Office 365.   At Office365Mon, we tackle this in a couple of different ways:

  1. Cloud probes – when your data is split across multiple data centers, create multiple Office365Mon subscriptions. With each subscription we can target a different resource or resources in the different geographic locations where you have resources.  All of our licenses at Office365Mon support having multiple subscriptions; for more details see our Pricing page.  By pulling a representative resource or two from each different data center and configuring Office365Mon subscriptions to monitor them, we can track all of your data centers with our cloud-based probes.
  2. Distributed Probes – we also have a feature that you can download and install locally called Distributed Probes and Diagnostics. This can be installed on as many different devices in as many different locations as you want.  So you can install the agent on different physical or virtual machines that are in or near the same regions where your Office 365 resources are at.  Each of these devices issues health probes from the location at which it’s installed, and then it “reports back” with both performance and availability data so you can keep track of what’s happening with your Office 365 tenant worldwide.

When you start breaking down your monitoring plan by mapping it to the geographic regions in which you have data, and then matching that to Office365Mon subscriptions and Distributed Probes, you can pretty easily and pretty quickly develop and deploy your Office 365 monitoring in a way that will keep you in the know and in the control, no matter how big your organization is.  As always, the first step is to create your Office365Mon subscription, which you can do at  The first 90 days is free and you don’t need to provide any payment information up front.  You can continue to add additional subscriptions during your trial period and map out a workable, sensible monitoring strategy.

As always, we love to hear feedback so if you have questions feel free to shoot them to our support staff at

From Sunny Phoenix,



Expanding Coverage for Malware Monitoring to SharePoint Online and OneDrive from Office365Mon.Com

Today we released the next phase of our Threat Intelligence monitoring features at Office365Mon.Com.  Office 365 monitoring has been a staple of ours at Office365Mon.Com for a number of years now, and recently we’ve expanded it to take advantage of the new Threat Intelligence capabilities provided to Office 365 E5 license holders.  Our initial offering included support for threats that were delivered via email to Office 365 customers.

As explained in our initial blog post here:, the Threat Intelligence monitoring we’ve launched already allows you to do things like get notified the first time a new malware is sent to your organization, when you get more than a certain number of malware within a given time period, and when any user gets more than a certain number of malware in any given day.  All of that monitoring and alerting has been based on malware that arrives via email.  Today, we’re adding support for monitoring malware threats in SharePoint and OneDrive for Business.  By adding these additional services, you can be assured that when your monitoring Office 365, you’ll also be kept aware of when and where malware shows up in virtually all of the primary repositories in your Office 365 tenant.

In addition to the notification options described above, we’ve added a new one one that’s designed specifically for SharePoint and OneDrive for Business – alerting you when any individual user uploads and/or shares an excessive number of malware infected files in any given day.  You decide what an “excessive” number is, and we do the rest.  As always, configuration is incredibly simple for these features, as shown here:


Every time any user uploads an excessive number of items, you’ll be given a notification along with details around who is responsible.  That allows you to take quick action in case one of your users’ devices has been compromised or they are otherwise unaware that they have pushed malware infected items into your Office 365 tenant.  You’ll get the information you need to focus your efforts on the individuals who are having the most difficulties so you can lock things down and disinfect their devices.

We’ve also rolled this data into several of our existing Threat Intelligence monitoring reports, as well as adding some new ones too.  Here’s a look at all of the Threat Intelligence related reports in our Advanced Report gallery; the one’s highlighted in green are existing reports that now contain additional data from SharePoint and OneDrive; the one highlighted in purple contains a set of new reports just for malware found in SharePoint and OneDrive.


When you view the Other SharePoint Threats report, there are actually a number of different ways to view data points about the malware that’s made it into your tenant:

  • By author, or the person that uploaded the infected item
  • By site, so you know which sites are most problematic for having infected materials sent to them
  • By malware family, so you can see which types of malware are making their way into SharePoint and OneDrive for Business most frequently
  • By file type, so you can see which types of files are getting infected most frequently and then subsequently working their way into your tenant

You’re really getting a comprehensive view of your tenant when monitoring Office 365 with Office365Mon.Com.  The new release today further broadens the multitude of ways in which we keep you in the know and in control of your Office 365 tenant.

You can try out our new and improved Threat Intelligence monitoring features by visiting us at  If don’t have an Office365Mon subscription yet, you can create one for free for 90 days with all of these features turned on.  We never ask for any payment information up front, so you can just click on the big Start Now link on the home page and get started.  If you’re an existing Office365Mon customer, just go to the Configure Threat Intelligence Monitoring page for your subscription at

As always, if you have any questions or feedback on this or any other features, please reach out to our support team at

From Sunny Phoenix,