New Audit Preview Added to Azure Active Directory Admin Portal -- Redmondmag.com

New Audit Preview Added to Azure Active Directory Admin Portal

By Kurt Mackie
11/08/2016

Microsoft has added auditing features to its Azure Active Directory admin portal for administrators, which is still at the preview stage from its initial preview launch in September.

The Azure admin portal preview now has options to view audit and sign-in logs, which is a new preview capability that was announced on Tuesday. Filters can be used to refine the details. It's possible to see user and application activities using the auditing preview. The preview can produce graphs and charts for a visual showing of the log data.

It's also possible to use search to filter information using the new audit preview. A search can be based on the user's principal name, date and time, activity and activity type. For instance, the sign-in activity of a particular user can be viewed over the past 30 days.

The new audit preview will work across all resources in a tenancy, Microsoft's announcement added.

Microsoft is also providing APIs that can pass audit log data to applications. There's an Audit API, which can be used to filter activity log information. A Sign-in API can be tapped by applications to show user sign-in information.

Some new Azure admin portal capabilities will require having an Azure AD Premium subscription in place. The new audit feature could end up having that requirement. Microsoft's announcement wasn't specific on that point.

In other Azure AD news, Microsoft announced earlier this month that it has released previews of new Azure AD PowerShell version 2 cmdlets that can be used to manage dynamic groups. The new cmdlets were a top request by users because organizations previously had to "set rules for the creation and population of these groups using the management UX," Microsoft's announcement explained.

Using Azure AD PowerShell to create managed groups will require having an Azure AD Premium subscription in place.

The preview includes a few new cmdlets. One will create and manage a dynamic group. Another lets IT pros create an Office 365 group. Refresh tokens can be revoked using another cmdlet. In addition, the processing of a group can be paused or modified using PowerShell parameters.

Microsoft has also begun establishing a new naming convention for these PowerShell cmdlets. If the cmdlet calls the Microsoft Graph service, it'll get "MS" added in its name. This new naming convention will take effect in a future release, Microsoft indicated.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

Microsoft and OpenAI Continue Global AI Expansions

Microsoft and OpenAI each continued their global expansion this month, with the announcements of new infrastructure investments and service rollouts in new regions, like Asia and the Middle East.
Cisco Warns of Brute Force Attacks Targeting VPNs and Firewalls

Cisco has revealed that a global increase in brute force attacks targeting Virtual Private Networks (VPNs) and other devices is currently taking place.
What's Inside Microsoft 365's Security Toolbox?

Microsoft provides plenty of native tools to secure Microsoft 365. IT pros just have to know where to look.
Microsoft Kills 30-Day Data Retention Policy for Copilot in Fabric

Microsoft this week announced several usability improvements coming to Copilot in Fabric in preparation of its general availability release later this year.
Using Microsoft Office to Build a Network Diagram 2

Now that we've set up our process, let's dig in with the actual execution.