I have a user that fell for a phishing scam, the investigating party is wanting sign in information from the incident but was about 100 days ago. is there anyway to gain access to those logs for legal investigation purposes?
Specifically i am looking for the User sign-in logs in the Azure AD.
Thanks for any help!!