Introduction
Microsoft Entra ID audit and diagnostic logs provide a rich view into how users are accessing your Azure solution. Learn to monitor, troubleshoot, and analyze sign-in data.
In this module, you will:
- Learn about sign-in, audit, and diagnostic logs.
- Learn about managing sign-in through a third-party security information and event management (SIEM) tool.
- Learn about reporting.
- Explore the identity secure score.
Learning objectives
By the end of this module you should be able to:
- Analyze and investigate sign-in logs to troubleshoot access issues.
- Review and monitor Microsoft Entra audit logs.
- Enable and integrate Microsoft Entra diagnostic logs with Log Analytics / Microsoft Sentinel.
- Export sign-in and audit logs to a third-party SIEM tool.
- Review Microsoft Entra activity by using Log Analytics / Microsoft Sentinel, excluding KQL use.
- Analyze Microsoft Entra workbooks/reporting.
- Monitor security posture with identity secure score.
- Configure notifications.
Prerequisites
None