![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 6%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETA%3C/text%3E%3C/svg%3E)
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
3,645 questions
Hi @Torben Andersen ,
Yes, you can monitor Partner logins to your Azure Tenant using their CSP Partner login. Partners with an Azure Active Directory P2 license automatically qualify to keep audit and sign-in log data up to 30 days.
You can confirm that audit logging is in place where delegated administrator accounts are used and that logs are capturing the maximum level of details provided by the service. Logs should be retained for an acceptable period (up to 30 days) that allows for detection of anomalous activity.
Additionally, you can review and audit Azure AD sign-ins and configuration changes using the Azure AD sign-in logs, Azure AD audit logs, and the Microsoft Purview compliance portal. You can see a filtered view of partner sign-ins by going to the sign-in logs in the Azure AD admin portal and adding the filter Cross-tenant access type: Service provider on the User-sign ins (non-interactive) tab.
References:
- CSP security best practices - Monitoring best practices
- Azure AD audit activity reference
- Customer security best practices
- Analyze Azure AD activity logs with Log Analytics
Just FYI, this response is partially based on Q&A AI Assist and posted after manually validating the accuracy of the response and making necessary changes as appropriate.