We are doing some auditing of our users sharing for Sharepoint in our tenant to get a report of how long each sharepoint item has been shared, who shared the item and who has gotten access. (Made a PowerShell script to request from Graph API, but thats a different story). While looking through the results of said script I noticed that many of the Sharepoint items that were shared didn't show any permissions (other than the owner of the file obviously and some admin accounts). I went to the location of one of the items in SharePoint Online and opened the "manage access" menu and sure enough I could not see any permissions set on the file even though the Sharing attribute was clearly set to "Shared". I clicked the "Advanced" link and then I could see some users that seems to have access through some sharing link even though I can't find said link. All users that have access to the file in the pictrues are internal, but I can find other items in our tenant with the same symptoms which are shared to external users as well. The users you can see under Direct Access in the pictures are 3 admin-accounts and the owner of the file.
So my question then is;
How can we audit and revoke said permissions when you can't even find the sharing link?
We recently turned off Anonymous sharing links and I am wondering if this could be the reason. What would happen if a file was shared with an anonymous link and then we disabled anonymous sharing? Would the permissions get revoked or would there still traces of the sharing as we are probably seeing here?