Microsoft Entra ID · Identity Governance
Attribute Log Administrator
Read audit logs and configure diagnostic settings for events related to custom security attributes.
Scope: Audit and diagnostic configuration for custom security attribute activities
Permissions
- Read custom security attribute audit logs
- Read attribute definition change logs
- Read attribute assignment change logs
- Configure diagnostic settings for attributes
- Export attribute audit logs
Common use cases
- Attribute change auditing
- Compliance monitoring for attributes
- Attribute assignment tracking
- Security investigation support
- Diagnostic log configuration
Best practices
- Configure log retention appropriately
- Set up alerts for critical changes
- Export logs for long-term retention
- Integrate with SIEM
- Regular audit log review
Security considerations
- Audit logs may reveal sensitive classifications
- Cannot read other audit log types
- Important for attribute governance