{"id":21840,"date":"2022-04-07T03:37:45","date_gmt":"2022-04-07T07:37:45","guid":{"rendered":"https:\/\/www.eginnovations.com\/blog\/?p=21840"},"modified":"2022-11-17T19:12:13","modified_gmt":"2022-11-18T00:12:13","slug":"monitor-azure-ad-audit-logs","status":"publish","type":"post","link":"https:\/\/www.eginnovations.com\/blog\/monitor-azure-ad-audit-logs\/","title":{"rendered":"Monitor Azure Active Directory Audit Logs"},"content":{"rendered":"<div class=\"inner_content\">\n<h2>How to Ensure Compliance and Security by Monitoring Azure AD Audit logs<\/h2>\n<p><a href=\"https:\/\/www.eginnovations.com\/supported-technologies\/azure-active-directory-monitoring-tools\">Azure Active Directory (Azure AD)<\/a> is Microsoft\u2019s multi-tenant, cloud-based Identity and Access Management (IAM) service. It takes care of authentication and authorization of user and application identities. It is the digital infrastructure that allows your employees to sign in and access external resources, such as those held in Microsoft 365 service, <a href=\"https:\/\/www.eginnovations.com\/supported-technologies\/azure-virtual-desktop-monitoring-avd\">Azure Virtual Desktops (AVD)<\/a>, an ever-growing list of other SaaS (Software as a Service) applications, as well as those held on corporate networks. As such, Azure AD, how it is performing, how it is configured, and any changes made must be controlled, validated, and audited to ensure a secure and available infrastructure. Identifying and alerting on failed and timed-out activities.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-21923\" src=\"https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/03\/monitoring-azure-ad-audit-logs.jpg\" alt=\"Monitoring Azure AD Audit logs diagram\" width=\"751\" height=\"346\" border=\"0\" srcset=\"https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/03\/monitoring-azure-ad-audit-logs.jpg 751w, https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/03\/monitoring-azure-ad-audit-logs-300x138.jpg 300w, https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/03\/monitoring-azure-ad-audit-logs-310x143.jpg 310w, https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/03\/monitoring-azure-ad-audit-logs-140x65.jpg 140w\" sizes=\"auto, (max-width: 751px) 100vw, 751px\" \/><\/p>\n<p style=\"margin-bottom: 15px;\"><a href=\"https:\/\/www.eginnovations.com\/supported-technologies\/azure-active-directory-monitoring-tools\">eG Enterprise monitoring for Azure AD<\/a> leverages Azure AD Audit logs to allow administrators to:<\/p>\n<ul>\n<li>Receive proactive alerts and alarms if concerning changes are made and proactive notification if administration tasks fail or timeout to remediate immediately.<\/li>\n<li>Provide real-time and historical reporting for troubleshooting or audit purposes. Custom reports can be scheduled and archived to provide traceability and an audit trail for compliance and governance.<\/li>\n<li>Automate detailed diagnosis and capture of further information of failures to aid frontline help desk teams.<\/li>\n<li>Ensure audit data is available and archived long after Azure\u2019s default 30-day retention period.<\/li>\n<li>Maintain visibility on Azure systems even when Azure may be down.<\/li>\n<li>Give non-domain experts full insight into the contents of Azure AD Audit logs out-of-the-box, no need to script or parse files, no need to know, write and maintain PowerShell or similar.<\/li>\n<\/ul>\n<p style=\"margin-bottom: 15px;\">The <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/reports-monitoring\/concept-audit-logs\" target=\"blank\" rel=\"noopener noreferrer\">Azure AD Audit log<\/a> provides information about changes applied to your tenant. You can manually filter information or script queries to probe the changes in terms of the following categories in Audit log blade:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignright size-full wp-image-21924\" src=\"https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/03\/audit-logs.jpg?new\" alt=\"Audit Logs button\" width=\"300\" height=\"160\" border=\"0\" \/><\/p>\n<ul>\n<li>User management<\/li>\n<li>Group management<\/li>\n<li>Application management<\/li>\n<li>Resource management<\/li>\n<li>Device management<\/li>\n<li>Role management<\/li>\n<li>Policy management and more categories available<\/li>\n<\/ul>\n<p style=\"margin-bottom: 15px;\">With the help of the Audit log, you can answer the following questions:<\/p>\n<ul>\n<li>How many passwords were changed?<\/li>\n<li>How many users were changed?<\/li>\n<li>Were any federated domains were created?<\/li>\n<li>What licenses are assigned to a user or group?<\/li>\n<li>Has the owner change for the group?<\/li>\n<li>What applications are added or removed?<\/li>\n<li>Who gave consent to an application?<\/li>\n<li>What devices are added or removed?<\/li>\n<\/ul>\n<p style=\"margin-bottom: 15px;\">The Audit log is accessible to the following roles:<\/p>\n<ul>\n<li>Security Administrator<\/li>\n<li>Security Reader<\/li>\n<li>Report Reader<\/li>\n<li>Global Reader<\/li>\n<li>Global Administrator<\/li>\n<\/ul>\n<p style=\"margin-bottom: 15px;\">Audit log stores the information within Azure for 30 days by default for both P1 and P2 licenses and 7 days for free license SKUs. The Azure AD Audit logs allows you to query the information in the default view as shown below:<\/p>\n<p><a href=\"https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/03\/azure-ad-audit-log-example-viewimage.jpg\" data-rel=\"lightbox-image-0\" data-rl_title=\"\" data-rl_caption=\"\" title=\"\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-21925\" src=\"https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/03\/azure-ad-audit-log-example.jpg?23\" alt=\"Azure AD Audit log example screen\" width=\"750\" height=\"223\" border=\"0\" \/><\/a><\/p>\n<p style=\"margin-bottom: 15px;\">With the help of filters, you can query based on status, category, activity, service, etc. You can get the properties that changed\/removed\/added by clicking the individual records. If you want to store the above data for more than 30 days, you will need to explicitly store it into an Azure storage account and pay for the storage costs of retention. The Microsoft forums are full of users facing challenges with the default retention period and it is worth exploring some of these real-life cases to understand the scenarios in which administrators may be asked to retrieve data many months or years after security incidents have occurred; see:<\/p>\n<ul>\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/answers\/questions\/37734\/sign-in-logs-older-than-the-30-day-limit.html\" target=\"blank\" rel=\"noopener noreferrer\">Sign-in logs older than the 30 day limit &#8211; Microsoft Q&amp;A<\/a> (A phishing scam, where the chargeback process requested information after several months.)<\/li>\n<li><a href=\"https:\/\/docs.microsoft.com\/en-us\/answers\/questions\/67397\/i-need-sign-in-andor-audit-logs-from-2-years-ago-o.html\" target=\"blank\" rel=\"noopener noreferrer\">I need Sign-in and\/or audit logs from 2 years ago. Only have option for 7 days ago max. &#8211; Microsoft Q&amp;A.<\/a> (A legal case involving IP theft discovered long after the 7-day retention period.)<\/li>\n<\/ul>\n<p>For administrators not being able to see who has logged in more than 30 days ago (or a mere 7 days on free SKUs) is a <a href=\"https:\/\/www.reddit.com\/r\/AZURE\/comments\/l1v4fh\/azure_sign_in_logs_for_longer_than_30_days\/\" target=\"blank\" rel=\"noopener noreferrer\">much debated challenge. <\/a><\/p>\n<p>Additional challenges with the native Azure interface are that it is designed for passive reading and investigation. The administrator needs to read or scrape the logs to identify if events of interest have occurred and the unstructured nature of the records make it hard to obtain an overview of what has been changed or has failed.<\/p>\n<h2>How eG Enterprise monitors the Azure AD Audit logs?<\/h2>\n<p>eG Enterprise Azure AD monitoring monitors Audit log and proactively alerts upon audit failures. All audit log records are stored in the eG database. So, you can store this data for a longer period than the Azure default for security, compliance or troubleshooting reasons. eG Enterprise allows you to slice and dice this data without writing any KQL (Kusto Query Language) queries and without the need to import the workbooks from community repositories using custom reports and dashboards.<\/p>\n<p style=\"margin-bottom: 15px;\">eG Enterprise\u2019s Azure AD Audit log monitoring helps you to find answers for questions like:<\/p>\n<ul>\n<li>Have there been any failures in audit activities?<\/li>\n<li>Have any timeouts occurred during audit activities?<\/li>\n<li>How many successful audit activities happened recently?<\/li>\n<li>How many unknown audit activities?<\/li>\n<\/ul>\n<p>The above metrics are categorized for User Management, Device management, Application management, etc., and populated to other categories as and when they are generated in Azure AD.<\/p>\n<p style=\"margin-bottom: 15px;\">eG reports the following metrics for audit logs in a simple to understand interface:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-21927\" src=\"https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/03\/azure-ad-audit-logs-interface.jpg?new\" alt=\"Azure AD Audit log interface screen\" width=\"750\" height=\"212\" border=\"0\" \/><\/p>\n<p>You can get the additional detailed view with eG detailed diagnosis. For example, the audit failure activities are shown below.<\/p>\n<p><a href=\"https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/03\/azure-ad-audit-logs-detailed-view-popimage.jpg\" data-rel=\"lightbox-image-1\" data-rl_title=\"\" data-rl_caption=\"\" title=\"\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-21928\" src=\"https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/03\/azure-ad-audit-logs-detailed-view.jpg?new\" alt=\"Detailed Azure AD Audit view\" width=\"750\" height=\"148\" border=\"0\" \/><\/a><\/p>\n<p style=\"margin-bottom: 15px;\">This blog post is the fourth in a series covering monitoring of various aspects of Azure AD, previously I have covered:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.eginnovations.com\/blog\/what-is-azure-active-directory\/\/\" target=\"blank\" rel=\"noopener noreferrer\">An Overview of Azure Active Directory (Azure AD) \u2013 101, <\/a><\/li>\n<li><a href=\"https:\/\/www.eginnovations.com\/blog\/track-users-azure-active-directory\/\" target=\"blank\" rel=\"noopener noreferrer\">How to monitor and audit Azure AD Users<\/a> and<\/li>\n<li><a href=\"https:\/\/www.eginnovations.com\/blog\/azure-ad-app-client-secret-certificate-expirations-alerts\/\" rel=\"noopener noreferrer\">Monitoring and Alerting on Azure AD App Client Secret and Certificate Expirations.<\/a><\/li>\n<\/ul>\n<p>Monitoring and analytics reporting of Azure AD helps our customers comply with many compliance and regulatory standards such as PCI DSS, HIPAA, GLBA, FISMA, SOX, and more. Ensuring Azure AD is fully monitored helps our customers detect and respond to insider threat, privilege misuse, and other indicators of compromise, and improve their security processes.<\/p>\n<p><a href=\"https:\/\/www.eginnovations.com\/product\/application-performance-monitoring\/free-trial\" target=\"blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-21057\" src=\"https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/01\/single-freetrial-banner.jpg\" alt=\"\" width=\"850\" height=\"195\" border=\"0\" srcset=\"https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/01\/single-freetrial-banner.jpg 850w, https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/01\/single-freetrial-banner-300x69.jpg 300w, https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/01\/single-freetrial-banner-768x176.jpg 768w, https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/01\/single-freetrial-banner-800x184.jpg 800w, https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/01\/single-freetrial-banner-310x71.jpg 310w, https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/01\/single-freetrial-banner-140x32.jpg 140w\" sizes=\"auto, (max-width: 850px) 100vw, 850px\" \/><\/a><\/p>\n<h2>Further Reading<\/h2>\n<p style=\"margin-bottom: 15px;\">Many of our customers also use eG Enterprise to monitor Azure infrastructures, other clouds, and on-premises infrastructure and applications. Please see the links below for relevant information:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.eginnovations.com\/supported-technologies\/azure-monitoring\" target=\"blank\" rel=\"noopener noreferrer\">Azure Monitoring<\/a><\/li>\n<li><a href=\"https:\/\/www.eginnovations.com\/supported-technologies\/azure-virtual-desktop-monitoring-avd\" target=\"blank\" rel=\"noopener noreferrer\">Azure AVD (Azure Virtual Desktops) Monitoring<\/a><\/li>\n<li><a href=\"https:\/\/www.eginnovations.com\/supported-technologies\/microsoft-monitoring\" target=\"blank\" rel=\"noopener noreferrer\">Microsoft Monitoring: One-Stop Shop for Everything Microsoft<\/a><\/li>\n<li><a href=\"https:\/\/www.eginnovations.com\/product\/technologies\" target=\"blank\" rel=\"noopener noreferrer\">Other technologies supported by eG Enterprise<\/a><\/li>\n<\/ul>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>How to Ensure Compliance and Security by Monitoring Azure AD Audit logs Azure Active Directory (Azure AD) is Microsoft\u2019s multi-tenant, cloud-based Identity and Access Management (IAM) service. It takes care of authentication and authorization of user and application identities. It is the digital infrastructure that allows your employees to sign in and access external resources, [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":21932,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_lmt_disableupdate":"","_lmt_disable":"","footnotes":""},"categories":[404],"tags":[826,560,825,558,728,586,415,165,166],"class_list":["post-21840","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-azure-monitoring","tag-audit-log-monitoring","tag-azure-active-directory","tag-azure-active-directory-audit-logs","tag-azure-ad","tag-azure-ad-audit-logs","tag-azure-audit-logs","tag-azure-monitoring","tag-it-security-and-compliance","tag-it-security-audit"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Monitoring Azure AD Audit Logs | eG Innovations<\/title>\n<meta name=\"description\" content=\"Leverage Azure AD audit logs with eG Enterprise Azure AD Monitoring. Monitoring Azure AD Audit logs ensures compliance data access &amp; detects threats.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.eginnovations.com\/blog\/monitor-azure-ad-audit-logs\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Monitor Azure AD Audit Logs | eG Innovations\" \/>\n<meta property=\"og:description\" content=\"Learn how monitoring data in the Azure AD Audit log ensures that you will have access to critical compliance data beyond Microsoft\u2019s 30-day default retention period.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.eginnovations.com\/blog\/monitor-azure-ad-audit-logs\/\" \/>\n<meta property=\"og:site_name\" content=\"eG Innovations\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/eGInnovations\" \/>\n<meta property=\"article:published_time\" content=\"2022-04-07T07:37:45+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-11-18T00:12:13+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/03\/Azure-AD-Audit-fb.jpg\" \/>\n<meta name=\"author\" content=\"Babu Sundaram\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"Monitor Azure AD Audit Logs | eG Innovations\" \/>\n<meta name=\"twitter:description\" content=\"Learn how monitoring data in the Azure AD Audit log ensures that you will have access to critical compliance data beyond Microsoft\u2019s 30-day default retention period.\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/03\/Azure-AD-Audit-fb.jpg\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/twitter.com\/virtualinfra76?lang=en\" \/>\n<meta name=\"twitter:site\" content=\"@eginnovations\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Babu Sundaram\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Monitoring Azure AD Audit Logs | eG Innovations","description":"Leverage Azure AD audit logs with eG Enterprise Azure AD Monitoring. Monitoring Azure AD Audit logs ensures compliance data access & detects threats.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.eginnovations.com\/blog\/monitor-azure-ad-audit-logs\/","og_locale":"en_US","og_type":"article","og_title":"Monitor Azure AD Audit Logs | eG Innovations","og_description":"Learn how monitoring data in the Azure AD Audit log ensures that you will have access to critical compliance data beyond Microsoft\u2019s 30-day default retention period.","og_url":"https:\/\/www.eginnovations.com\/blog\/monitor-azure-ad-audit-logs\/","og_site_name":"eG Innovations","article_publisher":"https:\/\/www.facebook.com\/eGInnovations","article_published_time":"2022-04-07T07:37:45+00:00","article_modified_time":"2022-11-18T00:12:13+00:00","og_image":[{"url":"https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/03\/Azure-AD-Audit-fb.jpg","type":"","width":"","height":""}],"author":"Babu Sundaram","twitter_card":"summary_large_image","twitter_title":"Monitor Azure AD Audit Logs | eG Innovations","twitter_description":"Learn how monitoring data in the Azure AD Audit log ensures that you will have access to critical compliance data beyond Microsoft\u2019s 30-day default retention period.","twitter_image":"https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/03\/Azure-AD-Audit-fb.jpg","twitter_creator":"@https:\/\/twitter.com\/virtualinfra76?lang=en","twitter_site":"@eginnovations","twitter_misc":{"Written by":"Babu Sundaram","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.eginnovations.com\/blog\/monitor-azure-ad-audit-logs\/#article","isPartOf":{"@id":"https:\/\/www.eginnovations.com\/blog\/monitor-azure-ad-audit-logs\/"},"author":{"name":"Babu Sundaram","@id":"https:\/\/www.eginnovations.com\/blog\/#\/schema\/person\/5f7590f77be55ecf13f1b8d915ac39df"},"headline":"Monitor Azure Active Directory Audit Logs","datePublished":"2022-04-07T07:37:45+00:00","dateModified":"2022-11-18T00:12:13+00:00","mainEntityOfPage":{"@id":"https:\/\/www.eginnovations.com\/blog\/monitor-azure-ad-audit-logs\/"},"wordCount":1038,"commentCount":0,"publisher":{"@id":"https:\/\/www.eginnovations.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.eginnovations.com\/blog\/monitor-azure-ad-audit-logs\/#primaryimage"},"thumbnailUrl":"https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/03\/Azure-AD-Audit-Thumbnail.jpg","keywords":["Audit Log monitoring","Azure Active Directory","Azure Active Directory Audit logs","Azure AD","Azure AD Audit Logs","Azure Audit Logs","Azure Monitoring","IT Security and Compliance","IT Security Audit"],"articleSection":["Azure Monitoring"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.eginnovations.com\/blog\/monitor-azure-ad-audit-logs\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.eginnovations.com\/blog\/monitor-azure-ad-audit-logs\/","url":"https:\/\/www.eginnovations.com\/blog\/monitor-azure-ad-audit-logs\/","name":"Monitoring Azure AD Audit Logs | eG Innovations","isPartOf":{"@id":"https:\/\/www.eginnovations.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.eginnovations.com\/blog\/monitor-azure-ad-audit-logs\/#primaryimage"},"image":{"@id":"https:\/\/www.eginnovations.com\/blog\/monitor-azure-ad-audit-logs\/#primaryimage"},"thumbnailUrl":"https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/03\/Azure-AD-Audit-Thumbnail.jpg","datePublished":"2022-04-07T07:37:45+00:00","dateModified":"2022-11-18T00:12:13+00:00","description":"Leverage Azure AD audit logs with eG Enterprise Azure AD Monitoring. Monitoring Azure AD Audit logs ensures compliance data access & detects threats.","breadcrumb":{"@id":"https:\/\/www.eginnovations.com\/blog\/monitor-azure-ad-audit-logs\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.eginnovations.com\/blog\/monitor-azure-ad-audit-logs\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.eginnovations.com\/blog\/monitor-azure-ad-audit-logs\/#primaryimage","url":"https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/03\/Azure-AD-Audit-Thumbnail.jpg","contentUrl":"https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2022\/03\/Azure-AD-Audit-Thumbnail.jpg","width":362,"height":235},{"@type":"BreadcrumbList","@id":"https:\/\/www.eginnovations.com\/blog\/monitor-azure-ad-audit-logs\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.eginnovations.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Monitor Azure Active Directory Audit Logs"}]},{"@type":"WebSite","@id":"https:\/\/www.eginnovations.com\/blog\/#website","url":"https:\/\/www.eginnovations.com\/blog\/","name":"eG Innovations","description":"IT Performance Monitoring Insights","publisher":{"@id":"https:\/\/www.eginnovations.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.eginnovations.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.eginnovations.com\/blog\/#organization","name":"eG Innovations","alternateName":"eg innovations","url":"https:\/\/www.eginnovations.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.eginnovations.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2014\/07\/eg-logo-dark-gray1_new.jpg","contentUrl":"https:\/\/www.eginnovations.com\/blog\/wp-content\/uploads\/2014\/07\/eg-logo-dark-gray1_new.jpg","width":362,"height":235,"caption":"eG Innovations"},"image":{"@id":"https:\/\/www.eginnovations.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/eGInnovations","https:\/\/x.com\/eginnovations"]},{"@type":"Person","@id":"https:\/\/www.eginnovations.com\/blog\/#\/schema\/person\/5f7590f77be55ecf13f1b8d915ac39df","name":"Babu Sundaram","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.eginnovations.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d28fef01834f3b388d7d825216013937?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d28fef01834f3b388d7d825216013937?s=96&d=mm&r=g","caption":"Babu Sundaram"},"sameAs":["https:\/\/x.com\/https:\/\/twitter.com\/virtualinfra76?lang=en"],"url":"https:\/\/www.eginnovations.com\/blog\/author\/babusundaram\/"}]}},"modified_by":"HawkSEM eG","_links":{"self":[{"href":"https:\/\/www.eginnovations.com\/blog\/wp-json\/wp\/v2\/posts\/21840","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.eginnovations.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.eginnovations.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.eginnovations.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.eginnovations.com\/blog\/wp-json\/wp\/v2\/comments?post=21840"}],"version-history":[{"count":0,"href":"https:\/\/www.eginnovations.com\/blog\/wp-json\/wp\/v2\/posts\/21840\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.eginnovations.com\/blog\/wp-json\/wp\/v2\/media\/21932"}],"wp:attachment":[{"href":"https:\/\/www.eginnovations.com\/blog\/wp-json\/wp\/v2\/media?parent=21840"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.eginnovations.com\/blog\/wp-json\/wp\/v2\/categories?post=21840"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.eginnovations.com\/blog\/wp-json\/wp\/v2\/tags?post=21840"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}