PIM Builtin Alerts in Audit Log

Occasional Contributor



We would like create an Sentinel alert rule for the builtin alert in PIM: "Roles are being assigned outside of Privileged Identity Management" Are these builtin alerts traceble in the AD Audit Logs?


Regards, Erik

1 Reply

@Erik_Snijder I think you just might need to use the MCAS Alerts for this, and integrate MCAS to Sentinel