Audit environment management operations
Important
This content is archived and is not being updated. For the latest documentation, go to Administer Microsoft Power Platform. For the latest release plans, go to Dynamics 365, Power Platform, and Cloud for Industry release plans.
| Enabled for | Public preview | General availability |
|---|---|---|
| Admins, makers, marketers, or analysts, automatically | 
Dec 1, 2023 |
Feb 15, 2024 |
Business value
Microsoft Purview and Microsoft Defender are solutions that allow customers to search and archive events that can be applied to compliance and security use cases.
This enhancement extends the existing collection of captured activities to include actions on an environment performed by administrators across the customer management plane, including Power Platform admin center and public-facing management APIs.
Feature details
Many organizations in regulated industries are subject to extensive compliance requirements. To perform their own risk assessments, customers need to monitor user activities when interacting with business data using the Power Platform. Out-of-the-box capabilities allow customers to log events in Microsoft Purview and Microsoft Defender to support access and reporting on user activities across the platform. These events are used to power compliance and automated, security threat detection and monitoring solutions.
You can now enable audit logs for tracking administrative operations such as changes to environments, updates to user security privileges, and updates to Managed Environment settings.
Organizations with a Microsoft Office E1 or higher license can access audit and reporting features available in Microsoft Purview and Microsoft Defender. Power Platform events logged for production environments can be archived in Microsoft Defender for up to ten years. Events are logged at the SDK level, which means a single action can trigger multiple events. Because these events are captured outside of the subscription storage, costs are minimal and avoid impacting Dataverse capacity.
Use the search tool for audit logs to search for specific events or programmatically query the service using PowerShell commands. Users must be assigned a Microsoft Office license to access activities logged in Microsoft Defender.