Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
For information on using these queries in the Azure portal, see Log Analytics tutorial. For the REST API, see Query.
All bookshelf audit events
Lists all audit events for Discovery bookshelves, showing the operation performed and the acting principal.
// All audit events for Discovery bookshelves
// Shows the operation performed and the acting principal
DiscoveryBookshelfAuditLogs
| project TimeGenerated, OperationName, ObjectId, Tenant, _ResourceId
| sort by TimeGenerated desc
Bookshelf operations by user
Summarizes audit operations grouped by the acting principal to identify who is performing actions on Discovery bookshelves.
// Bookshelf operations grouped by user
// Identifies who is performing actions on Discovery bookshelves
DiscoveryBookshelfAuditLogs
| summarize OperationCount = count() by ObjectId
| sort by OperationCount desc
Bookshelf operations by type
Summarizes audit events grouped by operation name to identify the most frequently performed actions on Discovery bookshelves.
// Bookshelf operations grouped by operation type
// Identifies the most frequently performed actions on Discovery bookshelves
DiscoveryBookshelfAuditLogs
| summarize OperationCount = count() by OperationName
| sort by OperationCount desc