Idemeum collects various audit log events and stores them in the cloud. The logs can be reviewed in the admin portal
Audit trail section. Today we keep logs for the last 30 days on a rolling window.
Events for Entra ID accounts
New Entra ID account request
When technician navigates to idemeum portal and requests Entra ID account to be enabled or provisioned, we capture an event along with technician email address and the account name that will be provisioned.
email@example.com requested access to application Entra 365 onmicrosoft. User account msptech6913@NETORGFT11060369.onmicrosoft.com created.
Entra ID account disabled
We capture audit events when technician Entra ID accounts are disabled. This happens when:
- Configured time for which account needs to stay active passed (default 4 hours)
- Technician was un-entitled (no longer has access) to Entra ID application that you created, or you removed the application configuration from idemeum customer tenant
System disabled user account msptech6913@NETORGFT11060369.onmicrosoft.com in application Entra 365 onmicrosoft.
Entra ID account credentials access
Audit event is captured when technicians view credentials for Entra ID accounts.
firstname.lastname@example.org accessed Entra 365 onmicrosoft credentials.