HTMD Community | Export Azure AD Logs to Azure Monitor | Analyse the Logs using KQL Queries @htmdcommunity | Uploaded 1 year ago | Updated 1 day ago
Let's check how to Export Azure AD Logs to Azure Monitor in this video tutorial. AAD Logs can be exported to the Log Analytics workspace and looked into this using KQL Queries.
#msintune #intune #azuread #azure #azuremonitor
New Azure AD Audit Logs | MicrosoftGraphActivityLogs | EnrichedOffice365AuditLogs - https://www.anoopcnair.com/new-azure-ad-audit-logs-microsoftgraphactivity/
==
Azure AD Logs to Azure Monitor
Export AAD Logs to Log Analytics
Licensing Requirements
Create Log Analytics Workspace
==
What are Azure AD Logs?
Azure Active Directory (Azure AD) logs enable you to assess many aspects, including troubleshooting or forensic analysis of your Azure AD tenant.
Who will have access to these AAD Logs?
Reports Reader
Security Reader
Security Administrator
Global Reader (sign-in logs only)
Global Administrator
==
Types of Azure AD Logs
Audit logs
Anomalous activity reports
Risk detection and Azure AD Identity Protection
Sign-in Logs
==
License and Other Requirements to export Azure AD Logs
Azure subscription
An Azure AD Premium P1 or P2 tenant
Global Administrator or Security Administrator access for the Azure AD tenant.
A Log Analytics workspace in your Azure subscription.
==
List of Azure AD Logs Data
AuditLogs
SignInLogs
NonInteractiveUserSignInLogs
ServicePrincipalSignInLogs
ManagedIdentitySignInLogs
ProvisioningLogs
ADFSSignInLogs
RiskyUsers
UserRiskEvents
NetworkAccessTrafficLogs
RiskyServicePrincipals
ServicePrincipalRiskEvents
EnrichedOffice365AuditLogs
MicrosoftGraphActivityLogs
==
Microsoft Docs
https://learn.microsoft.com/en-us/azure/active-directory/reports-monitoring/howto-access-activity-logs
https://learn.microsoft.com/en-us/azure/active-directory/reports-monitoring/howto-integrate-activity-logs-with-log-analytics
==
More Blog posts related to SCCM/Intune/Windows 11/Cloud PC/AVD/Hyper-V/Cloud/IT Pro/Azure -
✔ https://www.anoopcnair.com/windows-365/
👉 Stay Connected - https://howtomanagedevices.com/stay-connected/ 👉 https://howtomanagedevices.com/sccm/1791/how-to-manage-devices-live-digital-events-weekend-learning/
#CloudPC #Windows365 #W365
https://howtomanagedevices.com/
Learn SCCM Read https://www.anoopcnair.com/sccm/
https://www.anoopcnair.com/learn-sccm-intune/
Learn Intune Read - https://www.anoopcnair.com/intune/
https://www.anoopcnair.com/learn-microsoft-intune/
Learn Windows 10 Read - https://www.anoopcnair.com/windows-10/
Learn Hyper-V Read - https://www.anoopcnair.com/hyperv-2/
Learn About Cloud Read - https://www.anoopcnair.com/cloud/
Learn about Azure Read - https://www.anoopcnair.com/cloud/azure/
Learn About IT Pros Events - https://www.anoopcnair.com/itpro/
Learn about me - https://www.anoopcnair.com/about/
#SCCM #ConfigMgr #SCCMVideos #SCCMTutorials #SCCMStudyVideos #SCCMFreeTraining #SCCMTraining #HowtoManageDevices
#Intune #MicrosoftIntune #IntuneVideos #IntuneTutorials #IntuneGuide #IntuneStudy #MSIntune #IntuneTraining #HowtoManageDevices
Let's check how to Export Azure AD Logs to Azure Monitor in this video tutorial. AAD Logs can be exported to the Log Analytics workspace and looked into this using KQL Queries.
#msintune #intune #azuread #azure #azuremonitor
New Azure AD Audit Logs | MicrosoftGraphActivityLogs | EnrichedOffice365AuditLogs - https://www.anoopcnair.com/new-azure-ad-audit-logs-microsoftgraphactivity/
==
Azure AD Logs to Azure Monitor
Export AAD Logs to Log Analytics
Licensing Requirements
Create Log Analytics Workspace
==
What are Azure AD Logs?
Azure Active Directory (Azure AD) logs enable you to assess many aspects, including troubleshooting or forensic analysis of your Azure AD tenant.
Who will have access to these AAD Logs?
Reports Reader
Security Reader
Security Administrator
Global Reader (sign-in logs only)
Global Administrator
==
Types of Azure AD Logs
Audit logs
Anomalous activity reports
Risk detection and Azure AD Identity Protection
Sign-in Logs
==
License and Other Requirements to export Azure AD Logs
Azure subscription
An Azure AD Premium P1 or P2 tenant
Global Administrator or Security Administrator access for the Azure AD tenant.
A Log Analytics workspace in your Azure subscription.
==
List of Azure AD Logs Data
AuditLogs
SignInLogs
NonInteractiveUserSignInLogs
ServicePrincipalSignInLogs
ManagedIdentitySignInLogs
ProvisioningLogs
ADFSSignInLogs
RiskyUsers
UserRiskEvents
NetworkAccessTrafficLogs
RiskyServicePrincipals
ServicePrincipalRiskEvents
EnrichedOffice365AuditLogs
MicrosoftGraphActivityLogs
==
Microsoft Docs
https://learn.microsoft.com/en-us/azure/active-directory/reports-monitoring/howto-access-activity-logs
https://learn.microsoft.com/en-us/azure/active-directory/reports-monitoring/howto-integrate-activity-logs-with-log-analytics
==
More Blog posts related to SCCM/Intune/Windows 11/Cloud PC/AVD/Hyper-V/Cloud/IT Pro/Azure -
✔ https://www.anoopcnair.com/windows-365/
👉 Stay Connected - https://howtomanagedevices.com/stay-connected/ 👉 https://howtomanagedevices.com/sccm/1791/how-to-manage-devices-live-digital-events-weekend-learning/
#CloudPC #Windows365 #W365
https://howtomanagedevices.com/
Learn SCCM Read https://www.anoopcnair.com/sccm/
https://www.anoopcnair.com/learn-sccm-intune/
Learn Intune Read - https://www.anoopcnair.com/intune/
https://www.anoopcnair.com/learn-microsoft-intune/
Learn Windows 10 Read - https://www.anoopcnair.com/windows-10/
Learn Hyper-V Read - https://www.anoopcnair.com/hyperv-2/
Learn About Cloud Read - https://www.anoopcnair.com/cloud/
Learn about Azure Read - https://www.anoopcnair.com/cloud/azure/
Learn About IT Pros Events - https://www.anoopcnair.com/itpro/
Learn about me - https://www.anoopcnair.com/about/
#SCCM #ConfigMgr #SCCMVideos #SCCMTutorials #SCCMStudyVideos #SCCMFreeTraining #SCCMTraining #HowtoManageDevices
#Intune #MicrosoftIntune #IntuneVideos #IntuneTutorials #IntuneGuide #IntuneStudy #MSIntune #IntuneTraining #HowtoManageDevices
