This is a policy name and language enhancement proposal that can be voted on by the team.
For Defender 6.1 we name the policy “Purview Audit Standard logging” but ScubaGear checks if the unified audit log is turned on. Is the unified audit log the same thing as audit standard logging? “Audit standard” refers to a license type that defines which events by default are captured in the 365 audit log whereas the “unified audit log” seems to describe a log that has events from all services (aka unified). They seem like words describing different characteristics of the logs. Should the policy be renamed to reflect the term unified audit log since that is what the tool actually checks?
Motivation and context
Scuba policies should be aligned with what ScubaGear checks so that there is no ambiguity to the user.
đź’ˇ Summary
This is a policy name and language enhancement proposal that can be voted on by the team.
For Defender 6.1 we name the policy “Purview Audit Standard logging” but ScubaGear checks if the unified audit log is turned on. Is the unified audit log the same thing as audit standard logging? “Audit standard” refers to a license type that defines which events by default are captured in the 365 audit log whereas the “unified audit log” seems to describe a log that has events from all services (aka unified). They seem like words describing different characteristics of the logs. Should the policy be renamed to reflect the term unified audit log since that is what the tool actually checks?
Motivation and context
Scuba policies should be aligned with what ScubaGear checks so that there is no ambiguity to the user.