Forum Discussion

xStevex's avatar
xStevex
Copper Contributor
Aug 03, 2022

How to export logs that contain name of Conditional Access policies?

Hi!

I created new conditional access (CA) policy and set up it as "Report-Only".

Now, I want to see who is affected by this specific policy.

I exported sign-in logs from Azure, but there is no Column (Field) with CA policy name. I can see only CA status (Success, Failure, Not applied), but I don't see what specific policy worked out.


How can I see to which users applied the specific CA policy?

Conditional Access

3 Replies

  • Tiennes's avatar
    Tiennes
    Brass Contributor
    Aug 03, 2022

    Hi xStevex,

     

    You can connect your Azure AD to a Log Analytics Workspace. After the connection is established, you can go to the Azure AD Portal --> All Services --> Azure AD Conditional Access --> Insights and Reporting, here you can see the reports in detail. 

     

    If you have any questions, please let me know.

     

    Regards,

    Tiennes

    • xStevex's avatar
      xStevex
      Copper Contributor
      Aug 04, 2022

      TiennesHi!

      Thanks!

      There is any other possibility to get those data?

      I don't have Log Analytics Workspace now and I must configure it. I'm not sure if it is an easy process. Perhaps I need to invite another team to this.

      • Tiennes's avatar
        Tiennes
        Brass Contributor
        Aug 04, 2022

        Hi xStevex,

         

        In my opinion, the Log Analytics Workspace is your best shot. It's easy to set up and very convenient for doing an in-depth analysis of the outcome of your "Report-Only" Conditional Access Policies.

         

        For more information: https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-insights-reporting

         

        With Regards,

        Tiennes

Resources