Mar 20 2020
I'm still new to Azure Log Analytics, my aim is to use a KQL query to retrieve some sign-in logs and filter them by including only members of a specific Azure AD Group.
When using "SigninLogs" I can't identify a field for group membership. I'm thinking about using the "identity" field to correlate users with groups but I'm still not able to find a way to that.
Do you have some similar experience to share?
Thanks for your help