This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 87%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJW%3C/text%3E%3C/svg%3E)
Following a server crash on wednesday, i've found that a number of mailboxes that i have auditing enabled on have stopped recording any audit entries.
I can use the search-mailboxauditlog cmd to pull up the data from prior to the crash but nothing since it was rebooted.
After the reboot there've been no other issues with the server and no errors showing in logs that i can see either.
I've tried disabling the auditing and enabling it again but thats not helped.
Is there a way of purging the log so that it starts again?
You can set the audit age log to 0, the run the Folder Assistant
set-mailbox <user> -AuditLogAgeLimit 00:00:00
Start-ManagedFolderAssistant <user>
You may need to run that second command (Start-ManagedFolderAssistant <user>) a few times or let it sit over night
https://learn.microsoft.com/en-us/powershell/module/exchange/set-mailbox?view=exchange-ps
For example, to specify 60 days for this parameter, use 60.00:00:00. Setting this parameter to the value 00:00:00 removes all audit log entries for the mailbox. The entries are removed the next time the Managed Folder Assistant processes the mailbox (automatically or manually by running the Start-ManagedFolderAssistant cmdlet).
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(28.799999999999997, 82%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEY%3C/text%3E%3C/svg%3E)
Have you tried the command that Andy posts? Is the mailbox audit working now?
Does mailbox audit work for new created mailbox? If yes, try to move the old mailboxes to a new database or run a mailbox repair: New-MailboxRepairRequest
If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
I am writing here to confirm with you how the thing going now?
If you need further help, please provide more detailed information, so that we can give more appropriate suggestions.
If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.