5/25/2023 0 Comments User management activity audit![]() Status: Allows you to look at result based on if the activity was a success or failure. You can get the list of all Audit Activities using the Graph API: You can select a specific activity you want to see or choose all. Service: Defaults to all available services, but you can filter the list to one or more by selecting an option from the dropdown list.Ĭategory: Defaults to all categories, but can be filtered to view the category of activity, such as changing a policy or activating an eligible Azure AD role.Īctivity: Based on the category and activity resource type selection you make. You can filter the audit data using the options visible in your list such as date range, service, category, and activity. Editing the columns enables you to add or remove fields from your view. You can customize and filter the list view by clicking the Columns button in the toolbar. Status of the activity (success or failure).Category and name of the activity ( what).What do the logs show?Īudit logs have a default list view that shows: You can also access the audit log through the Microsoft Graph API. Sign in to the Azure portal and go to Azure AD and select Audit log from the Monitoring section. To access the audit logs, you need to have one of the following roles: The audit activity report is available in all editions of Azure AD. Have the names of applications been changed? Has a service principal for an application changed? What applications have been added or updated? With an application-centric view, you can get answers to questions such as: What licenses have been assigned to a group or a user? What are the groups that have been added?Īre there groups with membership changes? ![]() With a group-centric view, you can get answers to questions such as: What has an administrator done in a directory? What types of updates have been applied to users? With a user-centric view, you can get answers to questions such as: This log is categorized by user, group, and application management. What is it?Īudit logs in Azure AD provide access to system activity records, often needed for compliance. This article gives you an overview of the audit logs. Provisioning – Activities performed by the provisioning service, such as the creation of a group in ServiceNow or a user imported from Workday.Sign-ins – Information about sign-ins and how your resources are used by your users.Two other activity logs are also available to help monitor the health of your tenant: Changes to applications, groups, users, and licenses are all captured in the Azure AD audit logs. Azure Active Directory (Azure AD) activity logs include audit logs, which is a comprehensive report on every logged event in Azure AD.
0 Comments
Leave a Reply. |