Azure Audit Graph API vs Search-UnifiedAuditLog or other


  • Doees anyone know if I should I be using the Graph API or Search-UnifiedAuditLogto retrieve logs from Azure AD and Office 365?

    or any other API ?

    Many thanks



    Wednesday, March 8, 2017 12:23 PM

All replies

  • For Azure AD audit logs, you can use either, but if you want Office 365 details that are not specific to Azure AD (e.g. Exchange and SharePoint activity), you need to use Search-UnifiedAuditLog.
    Friday, March 10, 2017 8:12 AM
  • Kev,

    For now, I would use the released cmdlets.  It is worth while to check the information from time to time that you can retrieve the APIs themselves.  I would suggest posting questions on if you find differences or are looking for more detailed explanations of the APIs and the cmdlets.

    The key is that the APIs are all preview and are expected to change over time as issues are reported or discovered.

    Hope this helps.

    MaxV (MSFT)

    Friday, March 10, 2017 2:08 PM