![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 42%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERC%3C/text%3E%3C/svg%3E)
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
24,277 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 81%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
PIM activities automatically generate many logs when actions are taken in PIM (adding or removing members). The ones you listed are all related to PIM activities that were canceled or requested. If you filter by the Audit Category, you can check for related activities. For example, the GroupManagement category will query "Add member to role in PIM canceled (permanent).
If your goal is to recreate the PIM events you listed, could you please provide more information on what you would like to achieve and what you have tried so far?
The events should get generated by performing the actions described (canceling the role addition or requesting to add a member to a role). The list of audit activities for PIM is documented here: https://learn.microsoft.com/en-us/azure/active-directory/reports-monitoring/reference-audit-activities#privileged-identity-management-pim
If the information helped you, please Accept the answer. This will help us as well as others in the community who may be researching similar questions. Otherwise let me know if you have further questions.