在 PIM 中查看 Azure AD 角色的审核历史记录View audit history for Azure AD roles in PIM
可以使用 Privileged Identity Management (PIM) 审核历史记录来查看过去 30 天内所有特权角色的所有角色分配和激活操作。You can use the Privileged Identity Management (PIM) audit history to see all role assignments and activations within the past 30 days for all privileged roles. 若要查看 Azure Active Directory (Azure AD) 组织中活动的完整审核历史记录(包括管理员、最终用户和同步活动),可以使用 Azure Active Directory 安全和活动报告。If you want to see the full audit history of activity in your Azure Active Directory (Azure AD) organization, including administrator, end user, and synchronization activity, you can use the Azure Active Directory security and activity reports.
查看审核历史记录View audit history
按以下步骤查看 Azure AD 角色的审核历史记录。Follow these steps to view the audit history for Azure AD roles.
使用特权角色管理员角色成员用户的身份登录到 Azure 门户。Sign in to Azure portal with a user that is a member of the Privileged Role Administrator role.
打开“Azure AD Privileged Identity Management”。 Open Azure AD Privileged Identity Management.
单击“Azure AD 角色”。 Click Azure AD roles.
单击“目录角色审核历史记录”。 Click Directory roles audit history.
将会根据审核历史记录显示柱形图和总激活数、每日最大激活数以及每日平均激活数。Depending on your audit history, a column chart is displayed along with the total activations, max activations per day, and average activations per day.
在页面底部会显示一个表,其中包含可用审核历史记录中每个操作的信息。At the bottom of the page, a table is displayed with information about each action in the available audit history. 列的含义如下:The columns have the following meanings:
列Column 说明Description 时间Time 发生操作的时间。When the action occurred. 请求者Requestor 已请求角色激活或更改的用户。User who requested the role activation or change. 如果该值为“Azure 系统”,请查看 Azure 审核历史记录以获取详细信息。 If the value is Azure System, check the Azure audit history for more information. 操作Action 请求者所采取的操作。Actions taken by the requestor. 操作可能包含分配、取消分配、激活、停用或 AddedOutsidePIM。Actions can include Assign, Unassign, Activate, Deactivate, or AddedOutsidePIM. 成员Member 正在激活或已分配给角色的用户。User who is activating or assigned to a role. 角色Role 由用户分配或激活的角色。Role assigned or activated by the user. 理由Reasoning 在激活期间向原因字段中输入的文本。Text that was entered into the reason field during activation. 过期时间Expiration 已激活角色过期的时间。When an activated role expires. 仅适用于符合条件的角色分配。Applies only to eligible role assignments. 若要对审核历史记录排序,请单击“时间” 、“操作” 和“角色” 按钮。To sort the audit history, click the Time, Action, and Role buttons.
筛选审核历史记录Filter audit history
在审核历史记录页顶部,单击“筛选”按钮。 At the top of the audit history page, click the Filter button.
将显示“更新图表参数”窗格 。The Update chart parameters pane appears.
在“时间范围”中, 选择时间范围。In Time range, select a time range.
在角色中,选中指示要查看的角色的复选框。In Roles, select the checkboxes to indicate the roles you want to view.
单击“完成”,查看已筛选的审核历史记录。 Click Done to view the filtered audit history.