| _BilledSize |
|
Double |
| _IsBillable |
|
String |
| AADOperationType |
Type of the operation. Possible values are Add Update Delete and Other. |
String |
| AADTenantId |
ID of the ADD tenant |
String |
| ActivityDateTime |
Date and time the activity was performed in UTC. |
DateTime |
| ActivityDisplayName |
Activity name or the operation name. Examples include Create User and Add member to group. For full list see Azure AD activity list. |
String |
| AdditionalDetails |
Indicates additional details on the activity. |
Object |
| Category |
Currently Audit is the only supported value. |
String |
| CorrelationId |
Optional GUID that’s passed by the client. Can help correlate client-side operations with server-side operations and is useful when tracking logs that span services. |
String |
| DurationMs |
Property is not used and can be ignored. |
Int64 |
| Id |
GUID that uniquely identifies the activity. |
String |
| Identity |
Identity from the token that was presented when the request was made. The identity can be a user account system account or service principal. |
String |
| InitiatedBy |
User or app initiated the activity. |
Object |
| Level |
Message type. This is currently always Informational. |
String |
| Location |
Location of the datacenter. |
String |
| LoggedByService |
Service that initiated the activity (For example: Self-service Password Management Core Directory B2C Invited Users Microsoft Identity Manager Privileged Identity Management. |
String |
| OperationName |
Name of the operation. |
String |
| OperationVersion |
REST API version that’s requested by the client. |
String |
| Resource |
|
String |
| ResourceGroup |
|
String |
| ResourceId |
Unique identifier of the resource accessed |
String |
| ResourceProvider |
|
String |
| Result |
Result of the activity. Possible values are: success failure timeout unknownFutureValue. |
String |
| ResultDescription |
Additional description of the result. |
String |
| ResultReason |
Describes cause of failure or timeout results. |
String |
| ResultSignature |
Property is not used and can be ignored. |
String |
| ResultType |
Result of the operation. Possible values are Success and Failure. |
String |
| SourceSystem |
|
String |
| TargetResources |
Indicates information on which resource was changed due to the activity. Target Resource Type can be User Device Directory App Role Group Policy or Other. |
Object |
| TimeGenerated |
Date and time the record was created. |
DateTime |
| Type |
The name of the table |
String |