How Long Does Azure AD Store Sign-In Logs?
Question
You have an Azure Active Directory (Azure AD) tenant.
You need to review the Azure AD sign-in logs to investigate sign-ins that occurred in the past.
For how long does Azure AD store events in the sign-in logs?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.B.
https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/reference-reports-data-retention#how-long-does-azure-ad-store-the-dataAzure Active Directory (Azure AD) provides a Sign-in logs feature that allows administrators to track user sign-in activities and monitor potential security threats. The Sign-in logs can be used to investigate sign-ins that occurred in the past and provide detailed information about the user, device, location, and application used during the sign-in.
By default, Azure AD stores sign-in events in the Sign-in logs for a period of 30 days. However, administrators can configure the retention period for sign-in logs in Azure AD based on their organization's needs.
The available retention periods for sign-in logs in Azure AD are as follows:
- 7 days
- 30 days
- 90 days
- 180 days
- 365 days
To configure the retention period for sign-in logs in Azure AD, administrators can use the Azure portal, Azure PowerShell, or the Microsoft Graph API.
It's important to note that increasing the retention period for sign-in logs in Azure AD may have an impact on the storage and cost of the Azure AD tenant. Therefore, administrators should carefully consider the retention period and adjust it based on their organization's security and compliance requirements.
