Merge pull request #216655 from shlipsey3/reports-howto-updates-103122

howto-updates-103122

Author: Stacyrch140

articles/active-directory/reports-monitoring/how-to-view-applied-conditional-access-policies.md

@@ -1,29 +1,26 @@
 ---
 
 title: View applied Conditional Access policies in Azure AD sign-in logs
-description: Learn how to view Conditional Access policies in Azure AD sign-in logs so that you can assess the impact of those policies.
+description: Learn how to view Conditional Access policies in Azure AD sign-in logs so that you can assess the effect of those policies.
 services: active-directory
-documentationcenter: ''
-author: MarkusVi
+author: shlipsey3
 manager: amycolannino
-editor: ''
-
 ms.service: active-directory
 ms.topic: how-to
 ms.workload: identity
 ms.subservice: report-monitor
-ms.date: 09/14/2022
-ms.author: markvi
+ms.date: 10/31/2022
+ms.author: sarahlipsey
 ms.reviewer: besiler 
 
 ms.collection: M365-identity-device-management
 ---
 
 # View applied Conditional Access policies in Azure AD sign-in logs
 
-With Conditional Access policies, you can control how your users get access to the resources of your Azure tenant. As a tenant admin, you need to be able to determine what impact your Conditional Access policies have on sign-ins to your tenant, so that you can take action if necessary. 
+With Conditional Access policies, you can control how your users get access to the resources of your Azure tenant. As a tenant admin, you need to be able to determine what effect your Conditional Access policies have on sign-ins to your tenant, so that you can take action if necessary. 
 
-The sign-in logs in Azure Active Directory (Azure AD) give you the information that you need to assess the impact of your policies. This article explains how to view applied Conditional Access policies in those logs.
+The sign-in logs in Azure Active Directory (Azure AD) give you the information that you need to assess the effect of your policies. This article explains how to view applied Conditional Access policies in those logs.
 
 ## What you should know
 
@@ -37,7 +34,7 @@ Some scenarios require you to get an understanding of how your Conditional Acces
 
 - *Helpdesk administrators* who need to look at applied Conditional Access policies to understand if a policy is the root cause of a ticket that a user opened. 
 
-- *Tenant administrators* who need to verify that Conditional Access policies have the intended impact on the users of a tenant.
+- *Tenant administrators* who need to verify that Conditional Access policies have the intended effect on the users of a tenant.
 
 You can access the sign-in logs by using the Azure portal, Microsoft Graph, and PowerShell.  
 
@@ -102,7 +99,7 @@ To view the sign-in logs, use:
 
 `Get-MgAuditLogSignIn`
 
-For more information about this cmdlet, see [Get-MgAuditLogSignIn](https://learn.microsoft.com/powershell/module/microsoft.graph.reports/get-mgauditlogsignin?view=graph-powershell-1.0).
+For more information about this cmdlet, see [Get-MgAuditLogSignIn](/powershell/module/microsoft.graph.reports/get-mgauditlogsignin).
 
 The Azure AD Graph PowerShell module doesn't support viewing applied Conditional Access policies. Only the Microsoft Graph PowerShell module returns applied Conditional Access policies.  
 

articles/active-directory/reports-monitoring/howto-access-activity-logs.md

@@ -2,19 +2,14 @@
 title: Access activity logs in Azure AD | Microsoft Docs
 description: Learn how to choose the right method for accessing the activity logs in Azure AD.
 services: active-directory
-documentationcenter: ''
-author: MarkusVi
+author: shlipsey3
 manager: amycolannino
-editor: ''
-
-ms.assetid: ada19f69-665c-452a-8452-701029bf4252
 ms.service: active-directory
 ms.topic: how-to
-ms.tgt_pltfrm: na
 ms.workload: identity
 ms.subservice: report-monitor
-ms.date: 08/26/2022
-ms.author: markvi
+ms.date: 10/31/2022
+ms.author: sarahlipsey
 ms.reviewer: besiler
 
 ms.collection: M365-identity-device-management

articles/active-directory/reports-monitoring/howto-analyze-activity-logs-log-analytics.md

@@ -2,19 +2,14 @@
 title: Analyze activity logs using Azure Monitor logs | Microsoft Docs
 description: Learn how to analyze Azure Active Directory activity logs using Azure Monitor logs
 services: active-directory
-documentationcenter: ''
-author: MarkusVi
+author: shlipsey3
 manager: amycolannino
-editor: ''
-
-ms.assetid: 4535ae65-8591-41ba-9a7d-b7f00c574426
 ms.service: active-directory
 ms.topic: how-to
-ms.tgt_pltfrm: na
 ms.workload: identity
 ms.subservice: report-monitor
-ms.date: 08/26/2022
-ms.author: markvi
+ms.date: 10/31/2022
+ms.author: sarahlipsey
 ms.reviewer: besiler
 
 ms.collection: M365-identity-device-management
@@ -35,7 +30,7 @@ To follow along, you need:
 * A [Log Analytics workspace](../../azure-monitor/logs/log-analytics-workspace-overview.md) in your Azure subscription. Learn how to [create a Log Analytics workspace](../../azure-monitor/logs/quick-create-workspace.md).
 * First, complete the steps to [route the Azure AD activity logs to your Log Analytics workspace](howto-integrate-activity-logs-with-log-analytics.md).
 *  [Access](../../azure-monitor/logs/manage-access.md#azure-rbac) to the log analytics workspace
-* The following roles in Azure Active Directory (if you are accessing Log Analytics through Azure Active Directory portal)
+* The following roles in Azure Active Directory (if you're accessing Log Analytics through Azure Active Directory portal)
     - Security Admin
     - Security Reader
     - Report Reader
@@ -93,15 +88,15 @@ You can also set up alerts on your query. For example, to configure an alert whe
 
 4. Select the **Action Group** that will be alerted when the signal occurs. You can choose to notify your team via email or text message, or you could automate the action using webhooks, Azure functions or logic apps. Learn more about [creating and managing alert groups in the Azure portal](../../azure-monitor/alerts/action-groups.md).
 
-5. Once you have configured the alert, select **Create alert** to enable it. 
+5. Once you've configured the alert, select **Create alert** to enable it. 
 
 ## Use pre-built workbooks for Azure AD activity logs
 
 The workbooks provide several reports related to common scenarios involving audit, sign-in, and provisioning events. You can also alert on any of the data provided in the reports, using the steps described in the previous section.
 
-* **Provisioning analysis**: This [workbook](../app-provisioning/application-provisioning-log-analytics.md) shows reports related to auditing provisioning activity, such as the number of new users provisioned and provisioning failures, number of users updated and update failures and the number of users de-provisioned and corresponding failures.    
-* **Sign-ins Events**: This workbook shows the most relevant reports related to monitoring sign-in activity, such as sign-ins by application, user, device, as well as a summary view tracking the number of sign-ins over time.
-* **Conditional access insights**: The Conditional Access insights and reporting [workbook](../conditional-access/howto-conditional-access-insights-reporting.md) enables you to understand the impact of Conditional Access policies in your organization over time. 
+* **Provisioning analysis**: This [workbook](../app-provisioning/application-provisioning-log-analytics.md) shows reports related to auditing provisioning activity. Activities can include the number of new users provisioned, provisioning failures, number of users updated, update failures, the number of users de-provisioned, and corresponding failures.    
+* **Sign-ins Events**: This workbook shows the most relevant reports related to monitoring sign-in activity, such as sign-ins by application, user, device, and a summary view tracking the number of sign-ins over time.
+* **Conditional access insights**: The Conditional Access insights and reporting [workbook](../conditional-access/howto-conditional-access-insights-reporting.md) enables you to understand the effect of Conditional Access policies in your organization over time. 
 
 ## Next steps
 

articles/active-directory/reports-monitoring/howto-configure-prerequisites-for-reporting-api.md

@@ -2,26 +2,21 @@
 title: Prerequisites for Azure Active Directory reporting API | Microsoft Docs
 description: Learn about the prerequisites to access the Azure AD reporting API
 services: active-directory
-documentationcenter: ''
-author: MarkusVi
+author: shlipsey3
 manager: amycolannino
-editor: ''
-
-ms.assetid: ada19f69-665c-452a-8452-701029bf4252
 ms.service: active-directory
 ms.topic: how-to
-ms.tgt_pltfrm: na
 ms.workload: identity
 ms.subservice: report-monitor
-ms.date: 08/26/2022
-ms.author: markvi
+ms.date: 10/31/2022
+ms.author: sarahlipsey
 ms.reviewer: dhanyahk
 
 ms.collection: M365-identity-device-management
 ---
 # Prerequisites to access the Azure Active Directory reporting API
 
-The [Azure Active Directory (Azure AD) reporting APIs](./concept-reporting-api.md) provide you with programmatic access to the data through a set of REST-based APIs. You can call these APIs from a number of programming languages and tools.
+The [Azure Active Directory (Azure AD) reporting APIs](./concept-reporting-api.md) provide you with programmatic access to the data through a set of REST-based APIs. You can call these APIs from many programming languages and tools.
 
 The reporting API uses [OAuth](../../api-management/api-management-howto-protect-backend-with-aad.md) to authorize access to the web APIs.
 
@@ -126,7 +121,7 @@ This section shows you how to get the following settings from your directory:
 - Client ID
 - Client secret or certificate
 
-You need these values when configuring calls to the reporting API. We recommend using a certificate because it is more secure.
+You need these values when configuring calls to the reporting API. We recommend using a certificate because it's more secure.
 
 ### Get your domain name
 
@@ -147,7 +142,7 @@ You need these values when configuring calls to the reporting API. We recommend
 
 **To get your application's client ID:**
 
-1. In the [Azure portal](https://portal.azure.com), on the left navigation pane, click **Azure Active Directory**.
+1. In the [Azure portal](https://portal.azure.com), on the left navigation pane, select **Azure Active Directory**.
 
     ![Screenshot shows Azure Active Directory selected from the Azure portal menu to get application's client ID.](./media/howto-configure-prerequisites-for-reporting-api/01.png) 
 
@@ -162,13 +157,13 @@ You need these values when configuring calls to the reporting API. We recommend
 
 **To get your application's client secret:**
 
-1. In the [Azure portal](https://portal.azure.com), on the left navigation pane, click **Azure Active Directory**.
+1. In the [Azure portal](https://portal.azure.com), on the left navigation pane, select **Azure Active Directory**.
 
     ![Screenshot shows Azure Active Directory selected from the Azure portal menu to get application's client secret.](./media/howto-configure-prerequisites-for-reporting-api/01.png) 
 
 2.  Select your application from the **App Registrations** page.
 
-3.  Select **Certificates and Secrets** on the **API Application** page, in the **Client Secrets** section, click **+ New Client Secret**. 
+3.  Select **Certificates and Secrets** on the **API Application** page, in the **Client Secrets** section, select **+ New Client Secret**. 
 
     ![Screenshot shows the Certificates & secrets page where you can add a client secret.](./media/howto-configure-prerequisites-for-reporting-api/12.png)
 
@@ -178,7 +173,7 @@ You need these values when configuring calls to the reporting API. We recommend
 
     b. As **Expires**, select **In 2 years**.
 
-    c. Click **Save**.
+    c. Select **Save**.
 
     d. Copy the key value.
 
@@ -214,15 +209,15 @@ If you run into this error message while trying to access sign-ins using Graph E
 
 ![Modify permissions UI](./media/troubleshoot-graph-api/modify-permissions.png)
 
-### Error: Tenant is not B2C or tenant doesn't have premium license
+### Error: Tenant isn't B2C or tenant doesn't have premium license
 
 Accessing sign-in reports requires an Azure Active Directory premium 1 (P1) license. If you see this error message while accessing sign-ins, make sure that your tenant is licensed with an Azure AD P1 license.
 
-### Error: The allowed roles does not include User. 
+### Error: The allowed roles doesn't include User. 
 
  Avoid errors trying to access audit logs or sign-in using the API. Make sure your account is part of the **Security Reader** or **Report Reader** role in your Azure Active Directory tenant.
 
-### Error: Application missing AAD 'Read directory data' permission 
+### Error: Application missing Azure AD 'Read directory data' permission 
 
 ### Error: Application missing Microsoft Graph API 'Read all audit log data' permission
 

articles/active-directory/reports-monitoring/howto-download-logs.md

@@ -3,17 +3,14 @@
 title: How to download logs in Azure Active Directory | Microsoft Docs
 description: Learn how to download activity logs in Azure Active Directory.
 services: active-directory
-documentationcenter: ''
-author: MarkusVi
+author: shlipsey3
 manager: amycolannino
-editor: ''
-
 ms.service: active-directory
 ms.topic: how-to
 ms.workload: identity
 ms.subservice: report-monitor
-ms.date: 08/26/2022
-ms.author: markvi
+ms.date: 10/31/2022
+ms.author: sarahlipsey
 ms.reviewer: besiler 
 
 ms.collection: M365-identity-device-management

articles/active-directory/reports-monitoring/howto-find-activity-reports.md

@@ -3,17 +3,14 @@
 title: Find user activity reports in Azure portal | Microsoft Docs
 description: Learn where the Azure Active Directory user activity reports are in the Azure portal.
 services: active-directory
-documentationcenter: ''
-author: MarkusVi
+author: shlipsey3
 manager: amycolannino
-editor: ''
-
 ms.service: active-directory
 ms.topic: how-to
 ms.workload: identity
 ms.subservice: report-monitor
-ms.date: 08/26/2022
-ms.author: markvi
+ms.date: 10/31/2022
+ms.author: sarahlipsey
 ms.reviewer: dhanyahk 
 
 ms.collection: M365-identity-device-management
@@ -28,8 +25,7 @@ In this article, you learn how to find Azure Active Directory (Azure AD) user ac
 The audit logs report combines several reports around application activities into a single view for context-based reporting. To access the audit logs report:
 
 1. Navigate to the [Azure portal](https://portal.azure.com).
-2. Select your directory from the top-right corner, then select the **Azure Active Directory** blade from the left navigation pane.
-3. Select **Audit logs** from the **Activity** section of the Azure Active Directory blade. 
+1. Select **Audit logs** from the **Activity** section of Azure Active Directory. 
 
     ![Audit logs](./media/howto-find-activity-reports/482.png "Audit logs")
 
@@ -94,7 +90,7 @@ The **Sign-ins** view includes all user sign-ins, as well as the **Application U
 To access the sign-ins report:
 
 1. Navigate to the [Azure portal](https://portal.azure.com).
-2. Select your directory from the top-right corner, then select the **Azure Active Directory** blade from the left navigation pane.
+2. Select your directory from the top-right corner, then select **Azure Active Directory** from the left navigation pane.
 3. Select **Signins** from the **Activity** section of the Azure Active Directory blade. 
 
     ![Sign-ins view](./media/howto-find-activity-reports/483.png "Sign-ins view")