Finding out who shared files externally through graph api auditLogs/directoryAudits

n1dy4t 51 Reputation points
2022-02-02T14:16:24.47+00:00

Hello,

i am trying to find out who has shared files on our SharePoint Online tenant. Our current working approach
to this is through a powershell script that works with Exchange Online Management module, gets the specific data and exports it to a csv.

We want to reconstruct this in power automate though and for this we also want to work with the graph api instead.
I tried fetching information through the auditLogs/directoryAudits endpoint of the graph api. Here is the full endpoint: 

https://graph.microsoft.com/v1.0/auditLogs/directoryAudits?&$filter=activityDateTime gt 2022-02-01T01:00:00.000Z and activityDateTime lt 2022-02-01T23:00:00.000Z

This returns some information but it doesn't return the information about me creating external sharing links.
But when i open the audit logs in m365 compliance UI i can see them.

I also tried filtering specifically for the activityDisplayName or the ID but i get no information back.
I created the calls either on the graph explorer or through a powershell query.

I came to conclusion that the endpoint doesn't return me the information about who created external sharing links for sharepoint.
Is this correct? Does an alternative endpoint exist? Or is my only way to programmatically fetch the data to use powershell?

Thanks!

SharePoint
SharePoint
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
9,628 questions
SharePoint Development
SharePoint Development
SharePoint: A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.Development: The process of researching, productizing, and refining new or existing technologies.
2,668 questions
SharePoint Server Development
SharePoint Server Development
SharePoint Server: A family of Microsoft on-premises document management and storage systems.Development: The process of researching, productizing, and refining new or existing technologies.
1,573 questions
Accepted answer
  1. RaytheonXie_MSFT 31,071 Reputation points Microsoft Vendor
    2022-02-03T07:29:30.46+00:00

    Hi @n1dy4t ,
    Per my test, I agree with your opinion. It won't return who created external sharing link. Thanks for letting us know your user experience.
    When I received the case, I searched a lot of documents did a lot of researches. And I feel regretful to inform you that it turns out to be a by-design one.

    And I noticed that some end users have also proposed the same request, it is highly recommended that you can raise a feedback here. Many features of our current products are designed and upgraded based on customers’ feedback. With requirements like this increase, the problem may well be released in the future. Thanks for your understanding.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    2 people found this answer helpful.
    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest