script for scanning permission groups

Morales, Emma L STF (CTR) 61 Reputation points


I'm in need of running a scan on a Sharepoint Online tenant to detect any changes to permission groups. Thank you

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,407 questions
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
10,266 questions
0 comments No comments
{count} votes

Accepted answer
  1. Yi Lu_MSFT 17,471 Reputation points

    Hi @Morales, Emma L STF (CTR)
    You could use the following code:

    Search-UnifiedAuditLog -EndDate (Get-Date) -StartDate (Get-Date).AddDays(-90) -Operations "GroupAdded","GroupRemoved" | export-csv c:\AuditReport.csv  

    You could add the cmdlet into "Operations" such as "AddedToGroup","GroupRemoved" as your own need, you could refer to this article to find the cmdlet:

    If an Answer is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

0 additional answers

Sort by: Most helpful