Conditional Access "Monitoring" only shows admins in Activity Log

Paul Brock · ‎Oct 05 2020

We have monitoring set up with Conditional Access App Control. I have onboarded a handful of applications including Office 365 and I can see that my Conditional Access App Control Apps are connected. I have applied a policy to monitor all users. When I check the Activity Log tab I only see users who have a security role listed with logged activity. I see people that are Global Admins, Global Readers, Security Admins but not regular users logged in the Activity Log tab.

Is the behavior expected? Am I missing the point of monitoring the applications?

Sarahzin_Shane · ‎Oct 06 2020

Hi @Paul Brock!

Do you mind providing a couple screenshots of your AAD CA Policy and MCAS CAAC Policy? This isn't typical behavior and should monitor all users for that application. Is your AAD CA policy scoped to a specific group of admins? Also, is your MCAS deployment scoped for Admins for that specific app under Settings -> Scoped Deployment? Lastly, do you have activity privacy implemented?

Thank you!

Paul Brock · ‎Oct 06 2020

@Sarahzin_Shane Thank you so much. It was scoped by accident.

Conditional Access "Monitoring" only shows admins in Activity Log

Conditional Access "Monitoring" only shows admins in Activity Log

Re: Conditional Access "Monitoring" only shows admins in Activity Log

Re: Conditional Access "Monitoring" only shows admins in Activity Log

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Conditional Access "Monitoring" only shows admins in Activity Log

Conditional Access "Monitoring" only shows admins in Activity Log

Re: Conditional Access "Monitoring" only shows admins in Activity Log

Re: Conditional Access "Monitoring" only shows admins in Activity Log