How to export logs that contain name of Conditional Access policies?

Question

Hi!I created new conditional access (CA) policy and set up it as "Report-Only".Now, I want to see who is affected by this specific policy.I exported sign-in logs from Azure, but there is no Column (Field) with CA policy name. I can see only CA status (Success, Failure, Not applied), but I don't see what specific policy worked out.How can I see to which users applied the specific CA policy?

tiennes · Answer

Hi&nbsp;xStevex,&nbsp;You can connect your Azure AD to a&nbsp;Log Analytics Workspace.&nbsp;After the connection is established, you can go to the Azure AD Portal --&gt;&nbsp;All Services&nbsp;--&gt;&nbsp;Azure AD Conditional Access&nbsp;--&gt;&nbsp;Insights and Reporting, here you can see the reports in detail.&nbsp;&nbsp;If you have any questions, please let me know.&nbsp;Regards,Tiennes

xstevex · Answer

TiennesHi!Thanks!There is any other possibility to get those data?I don't have Log Analytics Workspace now and I must configure it. I'm not sure if it is an easy process. Perhaps I need to invite another team to this.

tiennes · Answer

Hi xStevex,&nbsp;In my opinion, the Log Analytics Workspace is your best shot. It's easy to set up and very convenient for doing an in-depth analysis of the outcome of your "Report-Only" Conditional Access Policies.&nbsp;For more information: https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-insights-reporting&nbsp;With Regards,Tiennes

Forum Discussion

How to export logs that contain name of Conditional Access policies?

Share

Resources