![]() An application is represented by a service principal in the directory.Ĭredentials were added to a service principal in Azure AD. Friendly nameĪn authentication permission was created/granted to an application in Azure AD.Īn application was registered in Azure AD. Also be sure to use double quotation marks ( " ") to contain the operation name. You must include the period in the operation name if you specify the operation in a PowerShell command when searching the audit log, creating audit retention policies, creating alert policies, or creating activity alerts. The operation names listed in the Operation column in the following table contain a period (. Any application that relies on Azure AD for authentication must be registered in the directory. The following table lists application admin activities that are logged when an admin adds or changes an application that's registered in Azure AD. Select one of the links in the In this article list on the right side of this page to go to a specific table. For descriptions of the detailed information, see Audit log detailed properties. ![]() The tables include the friendly name that's displayed in the Activities drop-down list (or that are available in PowerShell) and the name of the corresponding operation that appears in the detailed information of an audit record and in the CSV file when you export the search results. These tables group related activities or the activities from a specific service. ![]() You can search for these events by searching the audit log in the compliance portal. The tables in this article describe the activities that are audited in Microsoft 365.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |