New Blog Post | How to Enable Two New Logs to Monitor Azure Active Directory in Microsoft Sentinel

Microsoft


How to Enable Two New Logs to Monitor for Azure Active Directory in Microsoft Sentinel – Azure Cloud...

There are three new logs available for Azure Active Directory, but only two are currently populating data. Once enabled, they will generate the following new tables:

 

AADServicePrincipalRiskEvents – Logs generated by identity protection for Azure AD service principal risk events.

 

AADRiskyServicePrincipals – Logs generated by identity protection for Azure AD risky service principals.

 

NetworkAccessTrafficLogs – Details still being surfaced; check back.

 
