什么是 Azure Active Directory 报告?What are Azure Active Directory reports?

可以通过 Azure Active Directory (Azure AD) 报表全面了解环境中的活动。Azure Active Directory (Azure AD) reports provide a comprehensive view of activity in your environment.

报告

访问安全报表需要什么 Azure AD 许可证?What Azure AD license do you need to access a security report?

所有版本的 Azure AD 都提供标记为存在风险的用户的报表和风险登录报表。All editions of Azure AD provide you with users flagged for risk and risky sign-ins reports. 但是,各版本的报表粒度级别有所不同:However, the level of report granularity varies between the editions:

  • 在“Azure Active Directory 免费版和基本版”中,获取一个列表,其中包含标记为存在风险的用户和风险登录。 In the Azure Active Directory Free and Basic editions, you get a list of users flagged for risk and risky sign-ins.

  • Azure Active Directory Premium 1 版本扩展了这个模型,它还允许你检查每个报告检测到的一些潜在风险检测。The Azure Active Directory Premium 1 edition extends this model by also enabling you to examine some of the underlying risk detections that have been detected for each report.

  • Azure Active Directory Premium 2 版本提供有关潜在风险检测的最详细信息,并且还允许配置可自动响应已配置风险级别的安全策略。The Azure Active Directory Premium 2 edition provides you with the most detailed information about the underlying risk detections and it also enables you to configure security policies that automatically respond to configured risk levels.

活动报表Activity reports

可以通过活动报表了解用户在组织中的行为。Activity reports help you understand the behavior of users in your organization. Azure AD 中有两种类型的活动报表:There are two types of activity reports in Azure AD:

  • 审核日志 - 可以通过审核日志活动报表访问在租户中执行的每个任务的历史记录。Audit logs - The audit logs activity report provides you with access to the history of every task performed in your tenant.

  • 登录 - 可以通过登录活动报表来确定谁执行了审核日志报表所报告的任务。Sign-ins - With the sign-ins activity report, you can determine, who has performed the tasks reported by the audit logs report.

审核日志报表Audit logs report

审核日志报表提供系统活动记录以确保符合性。The audit logs report provides you with records of system activities for compliance. 可通过此数据处理常见方案,例如:This data enables you to address common scenarios such as:

  • 我的租户中有人获得了访问管理员组的权限。Someone in my tenant got access to an admin group. 谁给予他们访问权限?Who gave them access?

  • 我想要了解登录到特定应用的用户的列表,因为我最近将该应用上架了,想要了解其是否正常运行I want to know the list of users signing into a specific app since I recently onboarded the app and want to know if it’s doing well

  • 我想要知道在我的租户中进行了多少次密码重置I want to know how many password resets are happening in my tenant

访问审核日志报表需要什么 Azure AD 许可证?What Azure AD license do you need to access the audit logs report?

对于你有其许可证的功能,会提供审核日志报表。The audit logs report is available for features for which you have licenses. 如果有特定功能的许可证,则还可以访问其审核日志信息。If you have a license for a specific feature, you also have access to the audit log information for it.

登录报告Sign-ins report

可以通过“登录报表”找到如下所示问题的答案:The sign-ins report enables you to find answers to questions such as:

  • 什么是用户的登录模式?What is the sign-in pattern of a user?
  • 多少用户超过一周都有登录行为?How many users have users signed in over a week?
  • 这些登录的状态怎样?What’s the status of these sign-ins?

访问登录活动报表需要什么 Azure AD 许可证?What Azure AD license do you need to access the sign-ins activity report?

若要访问登录活动报表,租户必须具有与之关联的 Azure AD Premium 许可证。To access the sign-ins activity report, your tenant must have an Azure AD Premium license associated with it.

后续步骤Next steps