Skip to content

Latest commit

 

History

History
57 lines (34 loc) · 2.91 KB

pim-how-to-use-audit-log.md

File metadata and controls

57 lines (34 loc) · 2.91 KB
Raw
title description author manager ms.service ms.topic ms.subservice ms.date ms.author ms.reviewer ms.custom
View audit log report for Microsoft Entra roles in Microsoft Entra PIM
Learn how to view the audit log history for Microsoft Entra roles in Microsoft Entra Privileged Identity Management (PIM).
barclayn
amycolannino
entra-id-governance
how-to
privileged-identity-management
09/13/2023
barclayn
shaunliu
pim

View audit history for Microsoft Entra roles in Privileged Identity Management

You can use the Microsoft Entra Privileged Identity Management (PIM) audit history to see all role assignments and activations within the past 30 days for all privileged roles. If you want to retain audit data for longer than the default retention period, you can use Azure Monitor to route it to an Azure storage account. For more information, see Archive Microsoft Entra logs to an Azure storage account. If you want to see the full audit history of activity in your organization in Microsoft Entra ID including administrator, end user, and synchronization activity, you can use the Microsoft Entra security and activity reports.

Follow these steps to view the audit history for Microsoft Entra roles.

View resource audit history

[!INCLUDE portal updates]

Resource audit gives you a view of all activity associated with your Microsoft Entra roles.

  1. Sign in to the Microsoft Entra admin center as at least a Privileged Role Administrator.

  2. Browse to Identity governance > Privileged Identity Management > Microsoft Entra roles.

  3. Select Resource audit.

  4. Filter the history using a predefined date or custom range.

    :::image type="content" source="media/azure-pim-resource-rbac/rbac-resource-audit.png" alt-text="Screenshot showing the Microsoft Entra role audit list with filters.":::

View my audit

My audit enables you to view your personal role activity.

  1. Sign in to the Microsoft Entra admin center as at least a Privileged Role Administrator.

  2. Browse to Identity governance > Privileged Identity Management > Microsoft Entra roles.

  3. Select the resource you want to view audit history for.

  4. Select My audit.

  5. Filter the history using a predefined date or custom range.

    :::image type="content" source="media/azure-pim-resource-rbac/my-audit-time.png" alt-text="Screenshot showing the Audit list page for the current user.":::

Next steps