search

microsoft / coe-starter-kit

Other
736 stars 215 forks source link

[CoE Starter Kit - QUESTION] Audit Logs Security #8363

Closed GarryPope closed 3 months ago

GarryPope commented 3 months ago

Does this question already exist in our backlog?

What is your question?

Good morning CoE Team,

I hope you are well.

I have a few questions regarding the collection of the audit logs, please. I did the set up rather fast, so may have missed some key points. Below are my questions. Thanks!

  1. Audit Logs Permissions - Whenever I've wanted to enable collecting the audit logs, there has been, rightly, long conversations with security teams. Is there a way to limit the collection of only audit logs for the Power Platform e.g., canvas apps? I think this might be done at the "app registrations" level. I believe the Flow filters to only get certain log types from the audit logs, but this, I believe, could be edited to get other things from the audit logs if they are not correctly configured.
  2. Audit Logs Cost - Regarding the audit logs that the Flow collects the data from, is there a cost for the audit logs? I'm not talking about Dataverse cost, but the actual cost of the audit logs in Microsoft 365.

Sorry for the questions, I believe this is a superb feature of the CoE, I just want to be able to answer any questions around the security of this feature. Any help would be greatly appreciated.

Thanks very much,

Garry

What solution are you experiencing the issue with?

Audit Log

What solution version are you using?

4.31

What app or flow are you having the issue with?

No response

What method are you using to get inventory and telemetry?

Cloud flows

AB#3376

Jenefer-Monroe commented 3 months ago

Please don't feel a need to apologize for questions, thats what we are here for!

  1. Unfortunately there is not with this API. There are no filtering capabilities to the backend.
  2. I believe you can pay more to have a longer look back period. But for the month-ish of data they store for you, to my knowledge there is not a cost associated with those logs.
GarryPope commented 3 months ago

Hello @Jenefer-Monroe,

Thanks for the updated. Shame about option 1, if I find anything out, I'll come back to you. Please close this ticket.

Garry