Azure Active Directory portal offers a lot of services but one of the foremost is the user activity reporting consisting of activity and security.
The reporting opens to your security policies the user sign-in exposure and attempts. It niche to the events IP address, date and time, location, and device information.
The report also provide answers such as the sign-in pattern of a user, how many users signed in over a period, what is the status of the sign-in? Is it failure or success?
All these are very helpful for the security netizens administering the corporate Azure AD.
The user activity reporting architecture in AAD, Azure Active Directory or Azure AD consists of the following components:
- Sign-ins – Information about the usage of managed applications and user sign-in activities.
- Audit logs – Audit logs provide system activity information about users and group management, managed applications, and directory activities.
- Risky sign-ins – A risky sign-in is an indicator for a sign-in attempt by someone who isn’t the legitimate owner of a user account.
- Users flagged for risk – A risky user is an indicator for a user account that might have been compromised.
For more tips follow