MFA Fraud Report + Sign In Correlation

redacted 21 Reputation points

Is there a way through Log Analytics to match a MFA fraud report to the sign in that prompted it?

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
13,471 questions
{count} votes

Accepted answer
  1. VipulSparsh-MSFT 15,981 Reputation points

    @redacted Thanks for reaching out.

    All the Fraud MFA reporting comes under Authentication Details under Sign in logs. Sign logs table in Log explorer can help you find more.
    I do not have the date set in my tenant.

    But I will start from the SignIN logs table to find more :


    You can filter further for Fraud reporting Keywords mentioned here :

    I can work with you to find the desired results on your dataset if you need further help.


    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

0 additional answers

Sort by: Most helpful