Microsoft Azure Active Directory diagnostic logs

Original product version:   Azure Active Directory
Original KB number:   4494802

To troubleshoot issues that are related to Azure Active Directory (Azure AD), Microsoft Support and the Azure Active Directory engineering team can view and download diagnostic logs that are associated with your Azure AD tenant and on-premises configuration. Microsoft may access (or make temporary copies of) the data to help resolve your support incident.

More information

The following table explains the kinds of data that are associated with your Azure AD tenant and that may be accessed while we troubleshoot your support incident. Additionally, you may be asked to provide the same types of data from your company's on-premises environment. Depending upon your tenant, this information may be automatically uploaded to the Azure AD service or be requested by the Microsoft Support Engineer to assist in troubleshooting your support incident.

Type Description
Microsoft Azure Active Directory Objects Information that's maintained in the Azure AD tenant or synchronized from Active Directory on-premises environment, such as Tenant, User, Group, Device, and related metadata.
Service configuration Tenant configuration and settings that are related to your Azure tenant
Azure AD audit and sign-in logs Sign-in logs, audit logs, device registration logs, data previously uploaded (such as Authenticator App logs), and telemetry that is related to the health of service. 

Note System-generated logs contain identifiable information about end users, such as a user name. Telemetry contains primarily pseudonymized data, such as unique identifiers that are generated by the system. This data cannot, on its own, identify individual people. However, it can be used to deliver the enterprise services to users.

Contact us for help

If you have questions or need help, create a support request, or ask Azure community support. You can also submit product feedback to Azure community support.