purview-v1.11.6

PAX Purview Audit Log Processor v1.11.6

Version 1.11.6 is a targeted reliability release that resolves four independent customer-reported issues in the remote-output and authentication paths. It adds no parameters, changes no switch semantics, and makes no output-schema changes — each fix is scoped to the Microsoft Fabric / OneLake destination handling, certificate logon, or SharePoint upload plumbing. Existing commands are unchanged.

What's new in v1.11.6

• Microsoft Fabric OneLake GUID URL support. A Fabric / OneLake destination may now be addressed by GUID — https://onelake.dfs.fabric.microsoft.com/<workspaceId>/<itemId> with no .Lakehouse suffix, the form the Fabric portal exposes in the item URL — in addition to the existing name form (<workspace>/<item>.Lakehouse). Previously a pasted GUID URL was rejected at the command-line destination gate. Both forms now work end-to-end across upload, Delta-write, download, and resume, and regional OneLake aliases are accepted for both.

• Delta tables from a Lakehouse root destination. Pointing -OutputPath (or a per-data-type -OutputPath*) at a Lakehouse root URL — name- or GUID-addressed — now writes the customer-visible tables as Delta tables under Tables/, with operational artifacts (run log, metrics, checkpoint) under Files/, matching the documented behavior. Previously a bare root URL uploaded the CSVs as plain files under Files/. An explicit /Files/... destination — even one whose trailing segment looks like a GUID — is correctly left as a file upload, and the automatic Files/-upload fallback on a Delta-write failure is retained.

• Certificate logon searches both certificate stores. App-registration certificate logon (-Auth AppRegistration with -ClientCertificateThumbprint) now searches both the CurrentUser\My and LocalMachine\My certificate stores, so a certificate installed machine-wide on a server is found even on a run that defaults to CurrentUser. The supplied thumbprint is normalized, the resolved certificate is pinned for the run and reused on token refresh, and a clearer error is emitted when only the public certificate — without an accessible private key — is installed. -ClientCertificateStoreLocation now selects the preferred (first-searched) store.

• Reliable SharePoint upload of larger files. Larger output files now upload more reliably to SharePoint, and any upload failure now reports the underlying Microsoft Graph error reason instead of an opaque BadRequest. Files up to a conservative size cap use Graph's single-request simple upload (the same path that already works for small artifacts), so moderate rollup CSVs no longer depend on the resumable upload-session API that some locked-down libraries or egress proxies reject; genuinely large files continue to use the chunked upload-session path.

---

The attached script is the v1.11.6 release build. See the documentation in the repository for full configuration details.