Share this article

Latest news

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low

Copilot in Outlook will generate personalized themes for you to customize the app

Microsoft will raise the price of its 365 Suite to include AI capabilities

Death Stranding Director’s Cut is now Xbox X|S at a huge discount

Outlook will let users create custom account icons so they can tell their accounts apart easier

Now, Microsoft Graph activity logs is generally available for you to track user activity and more

It was made available from April 11, 2024

4 min. read

Published onApril 16, 2024

published onApril 16, 2024

Share this article

Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more

Recently, Microsoft announced that Graph Activity Logs would be available to the general public. Microsoft Graph activity logs allow data source you to perform security analysis and monitor application activity and threat hunting in your tenant.

Here are the use cases mentioned in the blog post:

In the existing scenario, you can collect sign-in logs to examine authentication activity and audit logs to see changes to important resources.

However, now, with Microsoft Graph activity logs, you can scrutinize the complete picture of activity in your tenant, including token requests in the sign-in log, API request activity,  ultimate resource changes in audit logs and more.

In the blog post, Microsoft also mentioned some basic queries to illustrate how to work with these logs:Summarize applications and principals that have made requests to change or delete groups in the past day:

See recent requests that failed due to authorization:

Identify resources queried or modified by potentially risky users:

Note: This query leveragesRisky Userdata from Entra ID Protection.

Microsoft Graph activity logs are available via theAzure Monitor Logs integration of Microsoft Entra, and admins can configure the collection and storage destinations of Microsoft Graph activity logs using the diagnostic setting in the Entra portal.

To access the Microsoft Graph activity logs, you need to have the following:

You should also consider these limitations mentioned on theMicrosoft Learnpage

What do you think about Microsoft Graph activity logs? Tell our readers in the comments section below.

More about the topics:microsoft

Srishti Sisodia

Windows Software Expert

Srishti Sisodia is an electronics engineer and writer with a passion for technology. She has extensive experience exploring the latest technological advancements and sharing her insights through informative blogs.

Her diverse interests bring a unique perspective to her work, and she approaches everything with commitment, enthusiasm, and a willingness to learn. That’s why she’s part of Windows Report’s Reviewers team, always willing to share the real-life experience with any software or hardware product. She’s also specialized in Azure, cloud computing, and AI.

User forum

0 messages

Sort by:LatestOldestMost Votes

Comment*

Name*

Email*

Commenting as.Not you?

Save information for future comments

Comment

Δ

Srishti Sisodia

Windows Software Expert

She is an electronics engineer and writer with a passion for technology. Srishti is specialized in Azure, cloud computing, and AI.