Detailed auditing and sign-in logs now available using the new #AzureAD portal


 

A couple of months ago the Azure AD team announced the public preview of the Azure AD Admin Experience in the new portal, and since then we’ve got some new improvements. So on the 8th of November, they announced new auditing features to the preview.

Let’s logon now to the new Azure AD portal and check the new view of all audit logs and sign-ins:

screen1 

By clicking on the Sign-Ins section, you can get a list of all the sign-ins performed by all users, and you also get a detailed log about the applications that were used:

screen2

Now we have the ability to filter that information, using a variety of filters:

  • Date and time
  • Actor’s UPN (e.g. user@domain.com or you can simply type the name of the user)
  • Activity Type (E.g. User, Group, App, Policy, Domain, etc.)
  • Activity (E.g. Add User, Add Application, Add Owner to App, etc.)
  • screen3

    The Overview blade will give you information related to the applications that your users were using,

    screen4

    And if you check the Users and Groups section, you can see information related to that sign-in activity:

    screen5

    Now let’s check the audit logs, where you can see detailed logging about the entire activity of the users, along with the ability to search for a specific user’s events:

    screen6

    You can get similar results if you click on the Audit logs section in the Enterprise Applications blade:

    screen7

    The Azure AD team offers the ability to access all this data programmatically through a set of APIs, more information on this you can find here: https://blogs.technet.microsoft.com/enterprisemobility/2016/11/08/azuread-weve-just-turned-on-detailed-auditing-and-sign-in-logs-in-the-new-azure-portal/

    Thanks for your time!

    Σχολιάστε

    Συνδεθείτε για να δημοσιεύσετε το σχόλιο σας:

    Λογότυπο WordPress.com

    Σχολιάζετε χρησιμοποιώντας τον λογαριασμό WordPress.com. Αποσύνδεση / Αλλαγή )

    Φωτογραφία Twitter

    Σχολιάζετε χρησιμοποιώντας τον λογαριασμό Twitter. Αποσύνδεση / Αλλαγή )

    Φωτογραφία Facebook

    Σχολιάζετε χρησιμοποιώντας τον λογαριασμό Facebook. Αποσύνδεση / Αλλαγή )

    Φωτογραφία Google+

    Σχολιάζετε χρησιμοποιώντας τον λογαριασμό Google+. Αποσύνδεση / Αλλαγή )

    Σύνδεση με %s