风险区域Log Analytics列显示为隐藏或特殊字符 [英] Risk area Log Analytics columns showing as hidden or a special character
问题描述
下午好,
当我尝试查询Log Analytics工作区时,我正在喂食Azure AD的登录,RiskEventTypes,RiskDetails,RiskLeveDuringSignOn等列显示"隐藏"等。或者是盒子的特殊字符。 这些列是否无法查询
? 我正在尝试为Risky SignIns等构建报告,警报和仪表板。 这可能是P1许可吗?我知道P2有访问评论,PIM等,但我们被告知我们应该能够至少
使用Log Analytics工作区查询此信息。 我仍然可以在Azure AD中标记为风险和风险事件刀片的用户中看到此信息。 我希望能够创建一种更清晰,更动态的方式来检查这些数据。 谢谢
的帮助!
When I try to query the Log Analytics workspace, where I am feeding sign-ins for Azure AD, the columns for RiskEventTypes, RiskDetails, RiskLeveDuringSignOn, and so on are showing "hidden" or a special character of a box. Are these columns unable
to be queried? I am trying to build reports, alerts, and dashboards for Risky SignIns and the like. Is this possible with a P1 license? I know that the P2 has Access Reviews, PIM, and the like, but we were told that we should be able to at least
query this information with a Log Analytics workspace. I can still see this information within Users flagged for risk and Risk Events blades in Azure AD. I was hoping to a create a cleaner and more dynamic way to check this data. Thank you
for the help!
推荐答案
嗨Ed,
这些值仅适用于Azure AD Premium P2客户。所有其他客户将以"隐藏"的形式返回。
These values are only available for Azure AD Premium P2 customers. All other customers will be returned as "hidden."
如果任何其他属性被列为隐藏,则可能表示未为Azure AD启用用户或登录身份保护。
If any other property is listed as hidden it can mean that the user or sign-in was not enabled for Azure AD Identity Protection.
可以在此处阅读有关每种可用属性的详细信息: https://docs.microsoft.com/en-us/graph/api/resources/signin?view=graph-rest-beta
The details about which properties are available for each can be read here: https://docs.microsoft.com/en-us/graph/api/resources/signin?view=graph-rest-beta
希望这会有所帮助!
Hope this helps!
这篇关于风险区域Log Analytics列显示为隐藏或特殊字符的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
