Microsoft Audit Log integration gets data from your audit log, extending your SaaS Discovery. In addition to this, it provides valuable insights to which employees used company credentials to access tools and services.
When users are logging in to various SaaS Applications and Services using SSO, we map this data and can assess the risk of permissions users grant to various Apps and Services, thus integrating with Microsoft Audit Log is extremely helpful in your IT Management.
Integration prerequisite
A user integrating to Microsoft Audit log needs to have
Azure AD Premium P1 (or above)license - see here
How to integrate
From Integration Center click on Microsoft Audit Log Integration card
โ
2. On the setup page, authorize to Microsoft with you work account
3. Save the integration - that's it! We will start fetching your data and enrich your Application Discovery.
Note on data and permissions:
The endpoint used to extract needed information is documented here: Microsoft Graph API
The permissions needed for this integration to be able to fetch data are:
- AuditLog.Read.All
- Directory.Read.All
The fields fetched and mapped to an Employee in the Viio Platform are:
- id
- createdDateTime
- userId
- userPrincipalName
- appDisplayName
All other fields available in the SignIn object are discarded.