Hi @Mohamed Javeed Thettilayil
Thanks for reaching out.
Would it be possible to grant an single AAD app "X" access to signin logs of another single AAD app "Y"?
Yes, you can achieve this using Azure Lighthouse which enables multi-tenant management.
Also, once the data is in an Event Hub, you can write a Logic App to process the data and write it to the Logic App in the new tenant. You can use "Azure Log Analytics Data Collector" to write to a Log Analytics Workspace.
could I forward the signin logs just for the AAD app "Y" to a log analytics workspace?
Yes, you can configure log analytics workspace to collect the sign in logs. You can filter the app "Y" client id in the Kusto query to send only app related logs.
SigninLogs project ClientAppUsed, ConditionalAccessStatus, Status
Hope this will help.
Thanks,
Shweta
Please remember to "Accept Answer" if answer helped you.