在 PIM 中查看 Azure AD 角色的审核历史记录View audit history for Azure AD roles in PIM

可以使用 Privileged Identity Management (PIM) 审核历史记录来查看过去 30 天内所有特权角色的所有角色分配和激活操作。You can use the Privileged Identity Management (PIM) audit history to see all role assignments and activations within the past 30 days for all privileged roles. 若要查看 Azure Active Directory (Azure AD) 组织中活动的完整审核历史记录(包括管理员、最终用户和同步活动),可以使用 Azure Active Directory 安全和活动报告If you want to see the full audit history of activity in your Azure Active Directory (Azure AD) organization, including administrator, end user, and synchronization activity, you can use the Azure Active Directory security and activity reports.

确定 PIM 版本Determine your version of PIM

从 2019 年 11 月开始,Privileged Identity Management 的 Azure AD 角色部分将更新为与 Azure 资源角色的体验相匹配的新版本。Beginning in November 2019, the Azure AD roles portion of Privileged Identity Management is being updated to a new version that matches the experiences for Azure resource roles. 这将创建附加功能以及对现有 API 的更改This creates additional features as well as changes to the existing API. 在推出新版本时,本文中遵循的过程取决于当前拥有的 Privileged Identity Management 版本。While the new version is being rolled out, which procedures that you follow in this article depend on version of Privileged Identity Management you currently have. 按照本部分中的步骤确定所拥有的 Privileged Identity Management 的版本。Follow the steps in this section to determine which version of Privileged Identity Management you have. 了解 Privileged Identity Management 版本之后,可以选择本文中与该版本匹配的过程。After you know your version of Privileged Identity Management, you can select the procedures in this article that match that version.

  1. 以具有特权角色管理员角色的用户身份登录到 Azure 门户Sign in to the Azure portal with a user who is in the Privileged role administrator role.

  2. 打开“Azure AD Privileged Identity Management”。 Open Azure AD Privileged Identity Management. 如果在概述页的顶部有横幅,请按照本文“新版本”选项卡中的说明进行操作 。If you have a banner on the top of the overview page, follow the instructions in the New version tab of this article. 否则,请按照“先前版本”选项卡中的说明操作 。Otherwise, follow the instructions in the Previous version tab.

按以下步骤查看 Azure AD 角色的审核历史记录。Follow these steps to view the audit history for Azure AD roles.

查看资源审核历史记录View resource audit history

可以通过资源审核查看与 Azure AD 角色关联的所有活动。Resource audit gives you a view of all activity associated with your Azure AD roles.

  1. 打开“Azure AD Privileged Identity Management”。 Open Azure AD Privileged Identity Management.

  2. 选择“Azure AD 角色” 。Select Azure AD roles.

  3. 选择“资源审核” 。Select Resource audit.

  4. 可以使用预定义的日期或自定义范围筛选历史记录。Filter the history using a predefined date or custom range.

    带筛选器的资源审核列表

查看我的审核View my audit

使用“我的审核”,可以查看你的个人角色活动。My audit enables you to view your personal role activity.

  1. 打开“Azure AD Privileged Identity Management”。 Open Azure AD Privileged Identity Management.

  2. 选择“Azure AD 角色” 。Select Azure AD roles.

  3. 选择要查看其审核历史记录的资源。Select the resource you want to view audit history for.

  4. 选择“我的审核” 。Select My audit.

  5. 可以使用预定义的日期或自定义范围筛选历史记录。Filter the history using a predefined date or custom range.

    当前用户的审核列表

后续步骤Next steps