Microsoft PowerApps audit events now available in Office 365 Security & Compliance Center
Microsoft PowerApps events are made discoverable within the Office 365 Security & Compliance Center.
The Office 365 Security & Compliance Center is designed to help organizations manage compliance across Office 365 including protecting data and complying with legal and regulatory standards. Customers have expressed interest in understanding how Microsoft PowerApps is being used within their organization. For example, which users are Creating Apps, Publishing Apps or Deleting Apps. Using the Office 365 Security and Compliance Center customers can get access to this data.
Office 365 tenant administrators1 reach the Security & Compliance Center by navigating to https://protection.office.com. From there, the Audit log search is found under the Search and investigation dropdown.
Within the Audit log search screen, Tenant administrators can search audit logs across many popular services including eDiscovery, Exchange, Power BI, Azure AD, Microsoft Flow, Dynamics 365 and now PowerApps.
Once the Audit log search screen is accessed, an administrator can filter for specific activities by pulling down the Activities dropdown. By scrolling down the list, a section dedicated to PowerApps activities can be found. The PowerApps activities available for discovery include:
- Created app
- Edited app
- Deleted app
- Launched app
- Published app
- Marked app as hero
- Market app as featured
- Edited app permissions
- Deleted app permission
- Restored app version
With the Activities filter set, a timeframe and additional search parameters can be provided. The search is initiated by clicking on the Search button. The result of search is a list and can be clicked to get more details about the audit event.
For schema information you can refer to this link.
The retention period for audit data is 90 days. CSV exports of this data are also available which allow customers to further explore this data using Microsoft Excel or Power BI. Customers can expect events to be available in the Office 365 Security & Compliance Center within 90 minutes of them occurring.
The Microsoft PowerApps team is continuing to invest in the Admin experience. If you have any feedback about Microsoft PowerApps, or the admin experience, please feel free to post below in the comments, in our community, or reach out on Twitter.
1 Accessing the Office 365 Security & Compliance Center requires an Office 365 license, with appropriate permissions, to use the Security and investigation feature. Please refer to this link for additional information.