cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Narrow down Search-UnifiedAuditLog results

AZ365
Copper Contributor

‎Sep 29 2023 09:02 AM

‎Sep 29 2023 09:02 AM

Narrow down Search-UnifiedAuditLog results

Hi,

 

I need to do audit log search for a particular OneDrive using Search-UnifiedAuditLog in order to generate monthly activity report. However, it seems there is no option to search based on a OneDrive. It's inefficient to search all M365 and then filter the huge results to find the entries relevant to the particular OneDrive. In addition, Search-UnifiedAuditLog limits the number of rows returned if I understand correctly. Any suggestions?

 

Thank you.

130 Views
0 Likes
1 Reply
Reply
1 Reply
AZ365

‎Sep 29 2023 01:51 PM

‎Sep 29 2023 01:51 PM

Re: Narrow down Search-UnifiedAuditLog results

I see I can use -RecordType to limit the search to SharePoint/OneDrive operations. However, it's still capped at 5,000 records which can be reached easily. It will be much better to be able to specify the scope of search as narrow as possible to be more efficient.
0 Likes
Reply