Mar 01 2022 09:04 AM
There are three new logs available for Azure Active Directory, but only two are currently populating data. Once enabled they will generate the following new tables:
AADServicePrincipalRiskEvents – Logs generated by identity protection for Azure AD service principal risk events.
AADRiskyServicePrincipals – Logs generated by identity protection for Azure AD risky service principals.
NetworkAccessTrafficLogs – details still being surfaced – check back